Email a Friend
IP address traced to cyber-attack victim
The recent cyber-attack on South Korea may not have come from China after all – regulator.
SEOUL - This week's cyber-attack on South Korean broadcasters and banks may not have originated in China after all as the IP address has been traced to one of the victim banks, the communications regulator said on Friday.
But it couldn't rule anything out, it added.
Hackers on Wednesday brought down the networks of three broadcasters and two banks, initially seen as the work of North Korea using its vast army of "cyber-warriors" to cripple computer servers.
Officials in Seoul originally said they had traced the breach to a server in China, a country that has been used by North Korean hackers in the past.
North Korea has threatened to attack both South Korea and the United States after it was hit with further UN sanctions for its nuclear test in February.
But the Korea Communications Commission said closer investigation into the attack on NongHyup Bank showed the IP address was a virtual IP address used within the bank for internal purposes.
The IP address by coincidence matched an address registered in China, it said.
The regulator said it could not rule anything out. There were signs the malicious code used came through an overseas route and a single entity was likely responsible for the attack on all six targets.
Why the aid sector should be working with business to solve global challenges
This is why, despite challenges, Africa can still rise
Jordanian writer shot dead outside court before trial over cartoon
US, Russia trade blows over Syria as warplanes pound Aleppo
IUCN paints a bleak picture for Africa’s elephant population
Trump, Netanyahu discuss Islamic State, Iran, Palestinians in meeting