- Right-wing sites falsely claimed group of Somalis attacked man in viral video 7 Years Ago
- Big creators risk losing checkmarks amid YouTube verification purge 7 Years Ago
- How to stream Eagles vs. Lions in NFL Week 3 action 7 Years Ago
- How to stream Steelers vs. 49ers in NFL Week 3 action Today 4:10 PM
- How to stream Bills vs. Bengals in NFL Week 3 action Today 4:03 PM
- Colt halts production of AR-15s for civilians Today 3:45 PM
- If you love long-winded, hashtag-heavy Instagram captions, these apps can help Today 2:54 PM
- Teen girls on TikTok have convinced the internet that they eat their tampons Today 2:33 PM
- Twitch streamer faces criticism for trying to defend racist jokes Today 2:03 PM
- How to stream Raiders vs. Vikings in Week 3 Today 12:55 PM
- NRA calls Beto O’Rourke ‘AR-15 salesman of the month’ in wake of buyback proposal Today 12:03 PM
- After 23 deaths, Sean Bean is tired of getting killed on-screen Today 11:48 AM
- Stephen Miller has a girlfriend—and people are stunned Today 11:35 AM
- Mickey Rourke says Robert De Niro iced him out of ‘The Irishman’ Today 11:07 AM
- Conservative men are melting down over Elizabeth Warren’s speech Today 10:40 AM
Who’s really behind that cyberattack on South Korea?
A North Korean group was the major suspect, but an IP address associated with the attack traces back to China.
The jury’s still out on who was behind Wednesday’s massive cyberattack on South Korea, and we may never know the culprit with certainty.
But we do know one thing: the hackers’ Internet protocol (IP) address traced back to China.
The attack, which paralyzed the networks of two banks and three television stations for a few hours, was certainly theatrical. A video showing what some affected computers looked like has found its way to YouTube. It depicts three robot-looking skulls, not unlike the series 800 Terminator, backlit with flashes of lighting. The hacker group, calling itself the Whois Team, wrote in oddly capitalized, unconversational English.
We have an Interest in Hacking.
This is the Beginning of Our Movement.
User Accounts and All Data are in Our Hands.
Unfortunately, We have deleted Your Data.
We’ll be back Soon.
It also advertises an email address, [email protected], that appeared to be inoperative when the Daily Dot attempted to contact the hackers.
This appears to run contrary to the most common speculation: that the attack was launched by the North Korean government. North Korea has long demonstrated it possesses the capability for these attacks; it’s hacked South Korean banks before. It also has the motive, considering the country announced Friday that it had been the victim of cyberattacks from South Korea and the U.S. and hinted that it would retaliate.
The presence of the WhoIs group raises more questions than answers. As Ars Technica notes, it seems there were multiple attacks at the same time, and it’s noteworthy that the attack seemed aimed for disruption, not for stealing data.
It’s also entirely possible that the WhoIs group is not behind most of the network attacks. A representative for LG Uplus, the Internet service provider used by all five of the hacked networks, initially claimed WhoIs was not responsible.
And as for that Chinese IP address? That could mean anything. The U.S. and China have each recently accused each other of attacks, each citing IP addresses coming from the other country. But it’s not much of a challenge for a hacker to spoof an IP address. Besides, as cybersecurity expert Jeff Carr previously told the Daily Dot, China is a perfect scapegoat for any hacker.
“China is probably the perfect target right now for every other country in the world that wants to do cyber-espionage,” he said. “All you’ve got to do is run it through a Chinese IP address. “
Screengrab via Vitahumor/YouTube
A former senior politics reporter for the Daily Dot, Kevin Collier focuses on privacy, cybersecurity, and issues of importance to the open internet. Since leaving the Daily Dot in March 2016, he has served as a reporter for Vocativ and a cybersecurity correspondent for BuzzFeed.