This article was published on April 2, 2013

Anonymous hackers claim to have stolen 15,000 passwords from North Korea’s Uriminzokkiri site


Anonymous hackers claim to have stolen 15,000 passwords from North Korea’s Uriminzokkiri site

A hacker, or hackers, purporting to be part of the Anonymous group claim to have got their hands on more than 15,000 passwords belonging to users of Uriminzokkiri.com, one of North Korea’s primary sites on the Internet.

An anonymously written note — first spotted by the North Korea Tech blog — makes the claim, and discloses what are said to be six sample user records for the site, which is run out of China.

The posting, which is in English, boldly demands that Kim Jong-un resigns and installs free democracy in the country. It also calls on the country to stop its commitment to nuclear weapons and introduce universal Internet access for its citizens. According to the note, the hacker/hackers have access to the country’s local intranets, mail servers and Web servers and are promising to wreak more havoc later this month as part of the Anonymous #OpFreeKorea campaign.

“First we gonna wipe your data, then we gonna wipe your badass dictatorship ‘government'”, the statement says.

Looking at the names of the email addresses of the half a dozen supposed leaks, three appear to be Korean, with the other three Chinese.

Based on the data, the passwords appear to be hashed, which provides some basic security against theft. Passwords are run through an algorithm to generate hashes and, though they can be ‘cracked’, it is a better option than storing plain text passwords.

While it is not clear how strongly the self-professed hackers are affiliated with Anonymous or, indeed, if the claim of 15,000 user credentials is legitimate, the news follows a series of initiatives from the Anonymous group in response to North Korea’s closed Internet, harsh regime and growing hostility to South Korea, the US and other countries.

Anonymous hackers claimed to have taken five of the country’s websites offline over the weekend, with Uriminzokkiri.com said to have been one of those the sites that was successfully targeted. The site has suffered other hackings in the past, going down as recently as January 2013.

The site is North Korea’s main news and ‘information’ (also know as propaganda) portal, and it even has a presence on Twitter. The @uriminzok account began tweeting in August 2010 and currently has more than 13,000 followers.

North Korea was suspected of leading a recent attack on South Korea that saw computer networks at banks and broadcasters go offline due to malware.

Over the weekend, tensions with neighboring South Korea were raised as officials in North Korean capital Pyongyang declared the country is “entering a state of war” with its rival.

Even if this attack wasn’t coordinated by central figures at Anonymous, and regardless of how many credentials were grabbed, it shows that the ‘hacktivist’ community is turning its attention to North Korea. The next activity for the Anonymous #OpFreeKorea campaign is slated as happening on April 19, at which time we’re likely to know more about the kind of access that hackers have to North Korea’s Internet presence.

Headline image via Shutterstock

Get the TNW newsletter

Get the most important tech news in your inbox each week.