Download the
Tom's Guide App from the AppsStore
News and trends on internet
/ mobile / "sound & picture" / IT
Yes No

Last Week's Cyber Attacks Exposed Data

- By - Source : Tom's Guide US

According to Korean police, hackers retrieved data during last week's attacks.

A report from South Korean police today said that hackers actually extracted data during last week's cyber attacks. The data was stolen from computers that were infected by a virus triggering four waves of DDoS attacks on U.S. and South Korean government and business websites.

Last Friday it was also believed that the viruses on the infected computers would self-destruct and either format the host hard drive, or encrypt the drive's data, covering its tracks. However, the South Korean police said that the assaulted websites did not suffer data loss.

An Chan-Soo, a senior police officer investigating the cyber attacks, said that the South Korean police came to this conclusion after analyzing the malicious code found on around twenty four infected computers. The good news is that the hackers only retrieved lists of files, not the actual files stored on the hard drive. "It's like hackers taking a look inside the computers," he said. "We're trying to figure out why they did this."

He also added that the extracted files were actually sent to 416 computers in 59 countries, 15 of which were located within South Korea. Some lists were discovered in 12 receiver computers, and the police are now trying to verify if the hackers broke into those PCs and stole the lists. Currently the hackers remain unidentified, and their base of operations undetermined. 

Although another wave was expected to hit personal PCs on Friday, no additional waves of DDoS attacks have taken place since Thursday. As of Monday morning, South Korea's spy service, the National Intelligence Services (NIS), lowered the country's cyber attack alert. The NIS said Saturday that it has "various evidence" pointing to North Korea's involvement, however the spy agency also said that it had not come to a final conclusion.

The Korea Communications Commission reported earlier today that it has blocked another IP address in Britain based on information given by a Vietnamese antivirus firm. The IP address was used in last week's attacks.

Share:
10
Comments
X

Comments

Raidur 07/15/2009 1:45 AM
Hide
-13+

South Korea says this. South Korea says that. South Korea wants the US to hit the North with a baseball bat.

cruiseoveride 07/15/2009 2:15 AM
Hide
-5+

God this is sounding like a Mission Impossible movie.


Save the LIST!

Anonymous 07/15/2009 2:20 AM
Hide
-1+

So, since according to other websites, the main server used for the attack was located in the UK, can we just assume that the US always blames it's "enemies" for everything? The "axis of evil" hasn't done a damn thing to us TBH.

okibrian 07/15/2009 2:54 AM
Hide
--2+

This cannot be the work of North Korea. They are still using Commodore Vic 20's with Vic Modems.

Anonymous 07/15/2009 4:06 AM
Show
RicardoK 07/15/2009 5:40 AM
Hide
-1+

Why would hackers want to look on a file list?? To get a better target so they can, next time, download any file they want on the target.. What else?

okibrian 07/15/2009 6:45 AM
Hide
--2+

Gee, I guess I offended one North Korean out there. Or maybe you are just too dumb to know what a Vic 20 is. Either way, piss off.

ravenware 07/15/2009 8:15 AM
Hide
-0+

yawn....

Kill@dor 07/15/2009 4:06 PM
Hide
-0+

No one should jump to conclusions...we have no idea who is really doing this but i have a slight feeling its pointing at N. Korea...not just based on the news, but a hunch. They could be just looking for something specific and did not find it yet...

rooket 07/15/2009 10:41 PM
Hide
-0+

What's the point, South Korea probably isn't even nuclear armed. Seems like the North would be just wasting time doing this stuff.

Submit my comment

See more