A few weeks ago, we reported on three South Korean television broadcasters and two banks becoming victims of a widespread malware attack, which resulted in serious network outages. The attack was perpetrated by “Whois Team,” which according to South Korea’s internet security agency was carried out by North Korea.
The attack was carried out by six computers located in North Korea accessing computer servers in South Korea, which used over a thousand different oversea IP addresses. The results of the attack wiped out the hard drives of over 30,000 PCs in the affected TV stations and banks and was being planned for up to eight months prior to when the attacks were carried out.
North Korea was always a prime suspect for these attacks as South Korea’s internet security agency noted the tools used were outdated by modern hacking standards and followed similar patterns the country used in recent hacking attempts. Regardless of those facts, it looks as though North Korea was able to carry out whatever they planned as it seriously crippled the TV stations and banks they were aiming their attacks against.