Related News
Hackers tried to steal information, Seoul police say
HACKERS extracted lists of files from computers they contaminated with the virus that triggered cyber attacks last week in the United States and South Korea, police in Seoul said yesterday.
The attacks, in which floods of computers tried to connect to a single Website at the same time to overwhelm the server, caused outages on prominent government-run sites in both countries.
The finding means that hackers not only used affected computers for Web attacks, but also attempted to steal information from them. That adds to concern that contaminated computers were ordered to damage their own hard disks or files after the Web assaults.
Still, the new finding does not mean information was stolen from attacked Websites, such as those of the White House and South Korea's presidential Blue House, police said. It also does not address suspicions about North Korea's involvement.
Police reached those conclusions after studying a malicious computer code in an analysis of about two dozen computers - a sample of the tens of thousands of that were infected with the virus that triggered the attacks, said An Chan-soo, a senior police officer investigating the cyber attacks. The officer said only lists of files were extracted, not the files themselves.
"It's like hackers taking a look inside the computers," An said. "We're trying to figure out why they did this."
Extracted file lists were sent to 416 computers in 59 countries, 15 of them in South Korea. Police have found some file lists in 12 receiver computers and are trying to determine whether hackers broke into those systems and stole the lists, An said.
Investigators have yet to identify the hackers or determine where they operated from. Dozens of high-profile US and South Korean Websites were targeted.
There have been no new Web attacks since the last wave was launched on Thursday.
South Korea's spy agency, the National Intelligence Service, lowered the country's cyber attack alert on Monday as affected Websites returned to normal.
The agency's National Cyber Security Center told ruling party lawmakers yesterday that the attacks were presumed to have been either a practice run or of a preliminary nature.
Calls to the ruling party spokesman were not answered. The National Cyber Security Center declined to comment.
North Korea is suspected of involvement. The spy agency told lawmakers last week that a North Korean military research institute had been ordered to destroy the South's communication networks, local media reported.
The attacks, in which floods of computers tried to connect to a single Website at the same time to overwhelm the server, caused outages on prominent government-run sites in both countries.
The finding means that hackers not only used affected computers for Web attacks, but also attempted to steal information from them. That adds to concern that contaminated computers were ordered to damage their own hard disks or files after the Web assaults.
Still, the new finding does not mean information was stolen from attacked Websites, such as those of the White House and South Korea's presidential Blue House, police said. It also does not address suspicions about North Korea's involvement.
Police reached those conclusions after studying a malicious computer code in an analysis of about two dozen computers - a sample of the tens of thousands of that were infected with the virus that triggered the attacks, said An Chan-soo, a senior police officer investigating the cyber attacks. The officer said only lists of files were extracted, not the files themselves.
"It's like hackers taking a look inside the computers," An said. "We're trying to figure out why they did this."
Extracted file lists were sent to 416 computers in 59 countries, 15 of them in South Korea. Police have found some file lists in 12 receiver computers and are trying to determine whether hackers broke into those systems and stole the lists, An said.
Investigators have yet to identify the hackers or determine where they operated from. Dozens of high-profile US and South Korean Websites were targeted.
There have been no new Web attacks since the last wave was launched on Thursday.
South Korea's spy agency, the National Intelligence Service, lowered the country's cyber attack alert on Monday as affected Websites returned to normal.
The agency's National Cyber Security Center told ruling party lawmakers yesterday that the attacks were presumed to have been either a practice run or of a preliminary nature.
Calls to the ruling party spokesman were not answered. The National Cyber Security Center declined to comment.
North Korea is suspected of involvement. The spy agency told lawmakers last week that a North Korean military research institute had been ordered to destroy the South's communication networks, local media reported.
- About Us
- |
- Terms of Use
- |
- RSS
- |
- Privacy Policy
- |
- Contact Us
- |
- Shanghai Call Center: 962288
- |
- Tip-off hotline: 52920043
- 沪ICP证:沪ICP备05050403号-1
- |
- 互联网新闻信息服务许可证:31120180004
- |
- 网络视听许可证:0909346
- |
- 广播电视节目制作许可证:沪字第354号
- |
- 增值电信业务经营许可证:沪B2-20120012
Copyright © 1999- Shanghai Daily. All rights reserved.Preferably viewed with Internet Explorer 8 or newer browsers.