South Korea Cyberattack Traced to China IP Address

But that doesn't mean North Korea is off the hook
By Mark Russell,  Newser Staff
Posted Mar 21, 2013 4:00 AM CDT
South Korea Cyberattack Traced to China IP Address
Customers use the automated teller machine at a branch of Shinhan Bank in Seoul, South Korea, earlier today.   (AP Photo/Lee Jin-man)

No one knows who launched yesterday's cyberattack in South Korea that crippled 32,000 computers at three TV broadcasters and three banks, but the attack has been traced to a Chinese IP address. That doesn't mean North Korea is in the clear, however; on the contrary, the North has been known to route its attacks through such addresses, and the revelation has only "strengthened speculation" that North Korea was at the wheel, reports the BBC.

The malware used in this attack is called "DarkSeoul" and was first identified a year ago, reports the New York Times. State-sponsored cyberattacks tend to be stealthy, but this malware was not disguised, leading some to question whether North Korean hackers were behind it—or whether the North wanted to send a clear message. "This could be the start of a full-fledged cyber war," one intelligence official tells the Chosun Ilbo, warning that the South's nuclear power plants and railways could be future targets. Meanwhile, the AP reports that as of today, only one of the six companies targeted is back online; the other five may not all be up and running until next week. (Read more South Korea stories.)

We use cookies. By Clicking "OK" or any content on this site, you agree to allow cookies to be placed. Read more in our privacy policy.
Get the news faster.
Tap to install our app.
Install the Newser News app
in two easy steps:
1. Tap in your navigation bar.
2. Tap to Add to Home Screen.