Cyber Attacks May Have Originated in U.K.

By Kevin Parrish, published on July 15, 2009 at 6:50 PM
Source: Tom's Guide US | Keywords: , , , , | Themes: The Internet
Syndication: Add to your Google homepage Add to My Yahoo!

A security firm is reporting that last week's attacker weren't from North Korea after all.

Nguyen Minh Duc, senior security director at Bach Khoa Internetwork Security (Bkis) in Vietnam, is claiming that last week's cyber attacks on the United States and South Korea originated in Britain, not North Korea. His analysis is based on data collected that actually contradicts the findings of South Korea and the U.S. It was also reported over the weekend that an IP address originating in Britain was blocked by the Korea Communications Commission. Coincidence? Probably not.

According to Mr. Duc, the infected computers comprising the malicious army flooding websites such as the White House, the Treasury, the FTC, and the National Intelligence Services broadcasted requests every three minutes to one of eight servers. Mr. Duc said that Bkis gained control of two servers that in turn were used to hunt down the master server using an IP range 195.90.118.x. He said that the IP is registered to the Global Digital Broadcast in the U.K.

"Having located the attacking source in UK, we believed that it is completely possible to find out the hacker," he told Daily Tech.

The data collected from the master server indicated that 166,908 PCs in 74 countries were infected. Most of those resided in South Korea, followed by Australia, China, the U.S., Vietnam, and five other countries.

Comments | Print | Send to a friend

Sponsored links

Comments

StumpyStumped 07/16/2009 12:58 PM
Hide
-4+

woohooo, australia is way up there, great effort considering our population :)

matt87_50 07/16/2009 1:39 AM
Hide
-2+

stumpystumped :
woohooo, australia is way up there, great effort considering our population



well we are the same country that thinks filtering the internet is a good idea that will work, and thinks an r18+ rating for games is witchcraft. clearly not the most tech/security savvy ppl...

Anonymous 07/16/2009 8:59 AM
Hide
-1+

Mr. Nguyen... The family name comes first in Vietnam.

ravenware 07/16/2009 11:34 AM
Hide
-0+

yawn....

caskachan 07/16/2009 11:36 AM
Hide
-0+

IM BEHIND 7 PROXIES

LePhuronn 07/16/2009 1:34 PM
Hide
-1+

Or the IP was spoofed

Kill@dor 07/16/2009 6:05 PM
Hide
-0+

If its taking this long to find out they might as well give up...they probably won't find the dude.

acecombat 07/16/2009 11:43 PM
Hide
-0+

LePhuronn :
Or the IP was spoofed


Or they were using someones unsecured wireless interweb connection.

mavroxur 07/17/2009 12:55 PM
Hide
-0+

Ok, the first installment of this saga was "Attacks came from North Korea", and then we had "Attacks actually came from United States". Now we have "Attacks really really came from UK".

Let's just cut to the chase...

"We have no f'ing idea where the attacks came from"

Submit my comment

Sponsored links