- Fan uncovers ‘Westworld’ trailers hidden on fictional company’s website Sunday 8:18 PM
- This trending Twitter hashtag is a lot less sexy than you think Sunday 7:23 PM
- TikTok users share life-changing realizations they’ve had while in the shower Sunday 7:04 PM
- People are torn over viral TikTok of girl cleaning friend’s room Sunday 4:01 PM
- Did Pete Buttigieg seriously just rip-off a famous Obama speech? Sunday 2:50 PM
- The most dangerous TikTok challenges we’ve seen—so far Sunday 2:22 PM
- PewDiePie wants Bernie Sanders to host meme review Sunday 1:44 PM
- Hilary Duff records confrontation with ‘creep’ taking photos of kids Sunday 1:08 PM
- BTS may have used Twitch streamer’s voice in song without permission Sunday 12:15 PM
- Gigi Hadid absolutely obliterates Jake Paul over Zayn Malik diss Sunday 10:26 AM
- People really want Chris Matthews fired after he compared Sanders’ Nevada win to Nazi invasion of France Sunday 9:35 AM
- Bernie Sanders wins Nevada Caucuses Saturday 6:54 PM
- MSNBC is out of its mind over Sanders leading Nevada Saturday 5:20 PM
- Kim Kardashian dragged for using makeup to darken her hands Saturday 4:13 PM
- TikTok users show how they turned their vehicles into incredible tiny homes Saturday 3:44 PM
Who’s really behind that cyberattack on South Korea?
A North Korean group was the major suspect, but an IP address associated with the attack traces back to China.
The jury’s still out on who was behind Wednesday’s massive cyberattack on South Korea, and we may never know the culprit with certainty.
But we do know one thing: the hackers’ Internet protocol (IP) address traced back to China.
The attack, which paralyzed the networks of two banks and three television stations for a few hours, was certainly theatrical. A video showing what some affected computers looked like has found its way to YouTube. It depicts three robot-looking skulls, not unlike the series 800 Terminator, backlit with flashes of lighting. The hacker group, calling itself the Whois Team, wrote in oddly capitalized, unconversational English.
We have an Interest in Hacking.
This is the Beginning of Our Movement.
User Accounts and All Data are in Our Hands.
Unfortunately, We have deleted Your Data.
We’ll be back Soon.
It also advertises an email address, [email protected], that appeared to be inoperative when the Daily Dot attempted to contact the hackers.
This appears to run contrary to the most common speculation: that the attack was launched by the North Korean government. North Korea has long demonstrated it possesses the capability for these attacks; it’s hacked South Korean banks before. It also has the motive, considering the country announced Friday that it had been the victim of cyberattacks from South Korea and the U.S. and hinted that it would retaliate.
The presence of the WhoIs group raises more questions than answers. As Ars Technica notes, it seems there were multiple attacks at the same time, and it’s noteworthy that the attack seemed aimed for disruption, not for stealing data.
It’s also entirely possible that the WhoIs group is not behind most of the network attacks. A representative for LG Uplus, the Internet service provider used by all five of the hacked networks, initially claimed WhoIs was not responsible.
And as for that Chinese IP address? That could mean anything. The U.S. and China have each recently accused each other of attacks, each citing IP addresses coming from the other country. But it’s not much of a challenge for a hacker to spoof an IP address. Besides, as cybersecurity expert Jeff Carr previously told the Daily Dot, China is a perfect scapegoat for any hacker.
“China is probably the perfect target right now for every other country in the world that wants to do cyber-espionage,” he said. “All you’ve got to do is run it through a Chinese IP address. “
Screengrab via Vitahumor/YouTube
A former senior politics reporter for the Daily Dot, Kevin Collier focuses on privacy, cybersecurity, and issues of importance to the open internet. Since leaving the Daily Dot in March 2016, he has served as a reporter for Vocativ and a cybersecurity correspondent for BuzzFeed.