Snappy newsletters. Simple Facebook sharing. Spirited comments. Sweet features are waiting… GET THEM NOW!

Hot on Facebook
Think You're Pretty Hot? You're Probably Wrong Study finds we have inflated vision of ourselves »

South Korea Cyberattack Traced to China IP Address

But that doesn't mean North Korea is off the hook

By Mark Russell,  Newser Staff

Posted Mar 21, 2013 4:00 AM CDT

(Newser) – No one knows who launched yesterday's cyberattack in South Korea that crippled 32,000 computers at three TV broadcasters and three banks, but the attack has been traced to a Chinese IP address. That doesn't mean North Korea is in the clear, however; on the contrary, the North has been known to route its attacks through such addresses, and the revelation has only "strengthened speculation" that North Korea was at the wheel, reports the BBC.

The malware used in this attack is called "DarkSeoul" and was first identified a year ago, reports the New York Times. State-sponsored cyberattacks tend to be stealthy, but this malware was not disguised, leading some to question whether North Korean hackers were behind it—or whether the North wanted to send a clear message. "This could be the start of a full-fledged cyber war," one intelligence official tells the Chosun Ilbo, warning that the South's nuclear power plants and railways could be future targets. Meanwhile, the AP reports that as of today, only one of the six companies targeted is back online; the other five may not all be up and running until next week.

Customers use the automated teller machine at a branch of Shinhan Bank in Seoul, South Korea, earlier today.
Customers use the automated teller machine at a branch of Shinhan Bank in Seoul, South Korea, earlier today.   (AP Photo/Lee Jin-man)
In this photo released by Korean Broadcasting System, KBS employees try to recover a computer server a day after a cyberattack caused computer networks at the company to crash, in Seoul, South Korea, today.
In this photo released by Korean Broadcasting System, KBS employees try to recover a computer server a day after a cyberattack caused computer networks at the company to crash, in Seoul, South Korea,...   (AP Photo/Korean Broadcasting System)
« Prev« Prev | Next »Next » Slideshow
My TakeCLICK BELOW TO VOTE
6%
14%
4%
8%
64%
4%
To report an error on this story, notify our editors.
COMMENTS
Showing 3 of 5 comments
iq145
Mar 22, 2013 12:08 AM CDT
So which is it? Make up your minds: http://www.newser.com/story/164742/pyongyang-blamed-as-s-korea-networks-crash.html
Goro
Mar 21, 2013 8:35 AM CDT
Seriously? DarkSeoul?  So we're to believe that they have the wit to use a play on words in English in naming their malware but they can't publish furniture assembly instructions with any clarity?   This smells of false flag to me.  There may be plenty of other reasons to be concerned about N. Korea / China but ever since the Spanish / American war through Gulf on Tonkin and "Curveball" from Iraq, we've been lied to again and again about where the threats are actually coming from.  A bit of caution is advisable here.
phlanx06
Mar 21, 2013 7:31 AM CDT
I knew it was china all along.

 
China North Korea South Korea cyberattack IP address malware Dark Soul malware

 
NEWS FROM OUR PARTNERS
Other Sites We Like:   24/7 Wall St.   |   BuzzFeed   |   Cracked   |   Timelines   |   POPSUGAR Tech   |   Business Insider   |   HuffPost Entertainment   |   NewsOne