The Korea Times close
National
  • Politics
  • Diplomacy
  • Defense
  • Labor & Environment
  • Law & Crime
  • Health & Welfare
  • Embassy
  • Seoul & Provinces
  • Education
  • Foreign Communities
  • Obituaries
Biz & Tech
  • Auto
  • IT
  • Game
  • Manufacturing
  • Retail & Food
  • Energy
  • Construction
  • Airlines
Finance
  • Policies
  • Economy
  • Markets
  • Banks
  • Non-banks
Opinion
  • Editorial
  • Columns
  • Thoughts of the Times
  • Cartoon
  • Today in History
  • Blogs
  • Tribune Service
  • Blondie & Garfield
  • Letter to the Editor
Lifestyle
  • Arts
  • Books
  • Travel & Cuisine
  • Trend
  • Fashion
  • Around Town
  • Fortune Telling
Entertainment
  • K-pop
  • K-dramas & Shows
  • Movies
  • Music
  • Performances
  • Asia Model Festival
Sports
  • Football
  • Golf
  • Baseball
  • Other Sports
World
  • Asia Pacific
  • Americas
  • Europe & Africa
  • SCMP
Video
  • On the Spot
  • Feature
  • News
Photos
  • Photo News
  • Darkroom
Community
  • The Korea Times
  • search
  • Site Map
  • E-paper
  • Subscribe
  • Register
  • LogIn
search close
  • The Korea Times
  • search
  • Site Map
  • E-paper
  • Subscribe
  • Register
  • LogIn
search close
Biz & Tech
  • Auto
  • IT
  • Game
  • Manufacturing
  • Retail & Food
  • Energy
  • Construction
  • Airlines
Mon, March 8, 2021 | 03:28
DDoS Malware Was Produced in Korea
Posted : 2009-07-27 18:11
Updated : 2009-07-27 18:11
Mail
Print Preview
Font Size Up
Font Size Down
By Kim Tong-hyung
Staff Reporter

The powerful Internet attack that crippled South Korean computers earlier this month may have been initiated by local hackers after all, according to a police report issued on Monday.

The National Police Agency's cyber crimes unit said the malicious software used for the recent distributed denial of service (DDoS) attacks were put out by two "Web hard" online storage sites, which manage commercial peer-to-peer transactions of files.

Authorities, including the Korea Communications Commission (KCC) and the National Intelligence Service (NIS), have been struggling to track down the source of the cyber criminals.

However, police investigators say that 21 of the 27 "zombie" computers they examined, which were infected and compromised by the malicious codes, were infected from programs originating from the two online storage sites.

Although the malicious software was distributed from Korean sites, the cyber attackers used four separate servers based overseas to control the programs after they reached computers.

"The DDoS attackers hacked two Korean Web sites, based in Seoul and Busan, and switched the program update files of the sites with their malicious codes," said a police officer.

"Users of these online storage sites unknowingly downloaded the malicious programs, thinking they were updating the programs for the peer-to-peer transactions. We found four foreign servers that we believed were used to issue the attack orders."

A DDoS attack occurs when multiple systems are flooded with traffic that overwhelms their bandwidth or resources. More than 80,000 South Korean computers were affected by the series of DDoS attacks that started on July 7, while the United States and China were also attacked, albeit less ferociously.

The malicious software used in the recent attacks was mostly "botnets," or software robots that run autonomously to initiate the DDoS attacks. The botnets compromise the infected computers and are manipulated by the command and control (C&C) system set up by the hackers.

A total of 432 servers based in 61 countries were used by the hackers for C&C operations in the recent attacks, police officials say. Through the C&C servers, the hackers attempted to steal information from the infected computers and used the devices to spread the malicious codes to other computers, and eventually, programmed the zombies to self-destruct.

According to data provided by German law enforcement authorities, about 98 percent of the 55,500-plus zombie computers that communicated with the C&C server based in Germany were Korean computers, the police agency said.

thkim@koreatimes.co.kr









 
 
  • Korean security officer fired over incident with Indonesian factory workers
  • Who wants to be a cryptomillionaire?
  • Seoul's leniency on Pyongyang worries some in international community
  • Wary tale about the use of straw
  • Finance minister pledges unwavering push for housing supply plan
  • Waste management companies grow more attractive to private equity funds
  • [INTERVIEW] Ruling party's Seoul mayoral candidate vows to make city global economic hub
  • New virus cases above 400 for 2nd day
  • Market Kurly under fire for blacklisting staff
  • POSCO's Argentine lithium lake valuation backfires
  • 'Mr. Queen' star Na In-woo to replace Ji Soo in 'River Where the Moon Rises' after bullying scandal 'Mr. Queen' star Na In-woo to replace Ji Soo in 'River Where the Moon Rises' after bullying scandal
  • In new film 'Fighter,' North Korean defector finds hope and meaning through boxing In new film 'Fighter,' North Korean defector finds hope and meaning through boxing
  • 'Penthouse 2' ratings soar to new high 'Penthouse 2' ratings soar to new high
  • March set to be star-studded month March set to be star-studded month
  • Psy's 'Gangnam Style' becomes first K-pop song to hit 4 billion views on YouTube Psy's 'Gangnam Style' becomes first K-pop song to hit 4 billion views on YouTube
DARKROOM
  • Bloody Sunday in Myanmar

    Bloody Sunday in Myanmar

  • Earth is suffering

    Earth is suffering

  • NASA's Perseverance rover is landing on Mars

    NASA's Perseverance rover is landing on Mars

  • Fun in the snow, sledding for everyone

    Fun in the snow, sledding for everyone

  • Our children deserve better: Part 3

    Our children deserve better: Part 3

  • About Korea Times
  • CEO Message
  • Times History
  • Content Sales
  • Media Kit
  • Contact Us
  • Location
  • Privacy Statement
  • Terms of Service
  • Mobile Service
  • RSS Service
  • 고충처리인
  • hankookilbo
  • Dongwha Group
  • Code of Ethics
Copyright