National
  • Politics
  • Diplomacy
  • Defense
  • Labor & Environment
  • Law & Crime
  • Health & Welfare
  • Embassy
  • Seoul & Provinces
  • Education
  • Foreign Communities
  • Obituaries
Biz & Tech
  • Auto
  • IT
  • Game
  • Manufacturing
  • Retail & Food
  • Energy
  • Construction
  • Airlines
Finance
  • Policies
  • Economy
  • Markets
  • Banks
  • Non-banks
Opinion
  • Editorial
  • Columns
  • Thoughts of the Times
  • Cartoon
  • Today in History
  • Blogs
  • Tribune Service
  • Blondie & Garfield
Lifestyle
  • Arts
  • Books
  • Travel & Cuisine
  • Trend
  • Fashion
  • Around Town
  • Fortune Telling
Entertainment
  • K-pop
  • K-dramas & Shows
  • Movies
  • Music
  • Performances
  • Asia Model Festival
Sports
  • Football
  • Golf
  • Baseball
  • Other Sports
World
  • Asia Pacific
  • Americas
  • Europe & Africa
  • SCMP
Video
  • On the Spot
  • Feature
  • News
Photos
  • Photo News
  • Darkroom
Community
  • Site Map
  • E-paper
  • Subscribe
  • Register
  • LogIn
  • Site Map
  • E-paper
  • Subscribe
  • Register
  • LogIn
Biz & Tech
  • Auto
  • IT
  • Game
  • Manufacturing
  • Retail & Food
  • Energy
  • Construction
  • Airlines
Mon, September 23, 2019 | 03:37
DDoS Malware Was Produced in Korea
Posted : 2009-07-27 18:11
Updated : 2009-07-27 18:11
By Kim Tong-hyung
Staff Reporter

The powerful Internet attack that crippled South Korean computers earlier this month may have been initiated by local hackers after all, according to a police report issued on Monday.

The National Police Agency's cyber crimes unit said the malicious software used for the recent distributed denial of service (DDoS) attacks were put out by two "Web hard" online storage sites, which manage commercial peer-to-peer transactions of files.

Authorities, including the Korea Communications Commission (KCC) and the National Intelligence Service (NIS), have been struggling to track down the source of the cyber criminals.

However, police investigators say that 21 of the 27 "zombie" computers they examined, which were infected and compromised by the malicious codes, were infected from programs originating from the two online storage sites.

Although the malicious software was distributed from Korean sites, the cyber attackers used four separate servers based overseas to control the programs after they reached computers.

"The DDoS attackers hacked two Korean Web sites, based in Seoul and Busan, and switched the program update files of the sites with their malicious codes," said a police officer.

"Users of these online storage sites unknowingly downloaded the malicious programs, thinking they were updating the programs for the peer-to-peer transactions. We found four foreign servers that we believed were used to issue the attack orders."

A DDoS attack occurs when multiple systems are flooded with traffic that overwhelms their bandwidth or resources. More than 80,000 South Korean computers were affected by the series of DDoS attacks that started on July 7, while the United States and China were also attacked, albeit less ferociously.

The malicious software used in the recent attacks was mostly "botnets," or software robots that run autonomously to initiate the DDoS attacks. The botnets compromise the infected computers and are manipulated by the command and control (C&C) system set up by the hackers.

A total of 432 servers based in 61 countries were used by the hackers for C&C operations in the recent attacks, police officials say. Through the C&C servers, the hackers attempted to steal information from the infected computers and used the devices to spread the malicious codes to other computers, and eventually, programmed the zombies to self-destruct.

According to data provided by German law enforcement authorities, about 98 percent of the 55,500-plus zombie computers that communicated with the C&C server based in Germany were Korean computers, the police agency said.

thkim@koreatimes.co.kr








 
 
  • Strong typhoon lashes southern part of Korea
  • Typhoon Tapah approaching Korea's southern region
  • Are you human?
  • US-NK could compromise on term 'denuclearization'
  • FM visits Busan to ensure successful Korea-ASEAN summit
  • Google to 'suffer' if it abandons Huawei
  • Moon due in New York for summit with Trump, UN session
  • NH Investment & Securities tops IPO market
  • Abe's reshuffle designed for constitutional revision: experts
  • Korea's pork exports to remain intact despite African swine fever: ministry
  • Malaysia bans Jennifer Lopez movie 'Hustlers'
  • K-pop sweetheart Park Ji-hoon makes small screen debut in 'Flower Crew'
  • 'Street Food Fighter 2' explores European, American food
  • 'Even death can't stop me from exploring the unexplored' [VIDEO]
  • Taylor Swift pulls out Melbourne Cup gig

  • North Korea's 'Holy Land'

  • US OPEN 2019

  • Devastated Amazon forest: The point of no return is approaching

  • Chaos in Hong Kong

  • Change your perspective and see the world in a new way

  • About Korea Times
  • CEO Message
  • Times History
  • Content Sales
  • Media Kit
  • Contact Us
  • Location
  • Privacy Statement
  • Terms of Service
  • Mobile Service
  • RSS Service
  • Ombudsman
  • Code of Ethics