Hacking
Anonymous attacks North Korean sites again
May 13th
A weekend attack on North Korean websites staged by members of the Anonymous hacker group appears to have caused some problems for the sites.
Connections to several major Pyongyang-based sites, including the Korean Central News Agency and Voice of Korea, were slow although successful in several tests done in the first few hours of the coordinated attack, which began at 1am GMT on Sunday.
Those results are in contrast to a previous series of attacks that took the sites offline for days. That difference was acknowledged by an Anonymous Korea Twitter message:
North Korea has reconfigured its Internet connection since the last round More >
Anonymous promises more website attacks this weekend
May 11th
Members of the Anonymous hacking group say they are planning to re-launch attacks on North Korean websites from Sunday. [Updated. See below.]
In messages posted to Twitter, several Anonymous members said the “#OpNorthKorea” attacks would resume on May 12 from 1am GMT, that’s 10am in the morning Pyongyang time.
OpNorthKorea first began in late March, shortly after North Korean media said relations between it and South Korea were “at a state of war.” It took the form of a distributed denial of service (DDoS) attack, which involves flooding a website with so many requests for data that it becomes overloaded.
The attacks were successful in More >
Hacker publishes North Korean website hit list
May 7th
An unidentified Internet user posting under the name of the Anonymous hacking collective has published a “hit list” of North Korean websites.
The list is said to be related to a coordinated attack that hackers appear to be planning for June 25. The action is part of “OpNorthKorea,” which previously took sites in North Korea and China offline in a series of distributed denial of service attacks.
The message appears to have been translated from another language, probably Korean, into English and includes sites based in China, Japan, the U.S., Spain and a single website in Pyongyang.
The source of the list is unclear More >
Choson Sinbo reacts to user database hack
Apr 24th
Choson Sinbo (조선신보, 朝鮮新報), the newspaper of the DPRK-affiliated Korean community in Japan, has apologized to its readers after its user database was leaked over the weekend by hackers.
The Tokyo-based newspaper ran an apology on its website in both Korean and Japanese in which it acknowledged the Saturday attack resulted in the disclosure of private information about registered users of the web site.
The database, seen by NorthKoreaTech.org, contained the usernames and email addresses of 3,667 registered users. The vast majority of the users appear to be based in Japan and the email addresses leaked include those of companies, universities, personal addresses and cell phones.
In reaction to the attack, More >
Thousands more DPRK-related website account details published
Apr 21st
The personal details of thousands of users of three North Korean-related websites have been published by hackers.
The details include names, email addresses, user names and in some cases addresses and phone numbers of people to the three sites: the Japan-based Choson Sinbo (조선신보, 朝鮮新報) newspaper, the China-based Ryomyong (려명) site and the U.S.-based Korea American National Coordinating Council (재미동포전국연합회).
The details were apparently stolen by hackers working under the banner of the Anonymous group, who have been attacking North Korean-related websites for the last few weeks.
The largest database dump was that of the Choson Sinbo, which contained 3,667 records. The Ryomyong database numbered just over 1,300 users More >
Hackers leak more user details
Apr 17th
A fresh batch of user names and personal details of people subscribing to North Korean-related websites has been published by hackers. They are the result of weekend attacks on the websites minjok.com and paekdu-hanna.com, two U.S.-based websites.
Links to the information were posted on Twitter by accounts associated with the loosely coordinated hacker group “Anonymous.” The group previously claimed credit for the attacks.
Minjok.com is the site of Minjok Tongshin, which carries Korean and English-language news about North Korea. The English articles are mostly culled from other media. Paekdu-hanna is an associated site that appears to be run by the same group.
Of More >
South fingers North in March cyberattacks
Apr 11th
South Korea’s government has concluded the March 20 cyberattacks that hit three of the country’s TV broadcasters and three of its banks were launched by attackers linked to the North Korean government.
The attacks began at 2pm local time on March 20 and caused the complete deletion of data on hard disk drives in roughly 48,000 personal computers inside broadcasters KBS, MBC and YTN, and the Shinhan, Nonghyup and Jeju Banks.
North Korean hackers were suspected almost immediately although unusually the government in Seoul wasn’t quick to point its finger. Officials launched an investigation and it was the preliminary conclusions of that work More >
Uriminzokkiri restoring after hack
Apr 7th
This week’s hack of the Uriminzokkiri website certainly raised the bar in the cyber battle currently playing out online.
It marked the first time in the current round of attacks that anyone had managed to break in and deface a North Korean website. Over the last couple of weeks, several sites have been taken offline by denial of service attacks, but such attacks simply impede the website’s ability to serve pages and don’t affect the content.
This time around the attack saw the site removed and its Twitter and Flickr channels accessed. The Flickr channel is back under a new account, it appears More >
Uriminzokkiri, companion websites hacked
Apr 4th
Uriminzokkiri, a China-based North Korean news website with close ties to Pyongyang, has been hacked. The site is currently inaccessible, companion websites have also been attacked and defaced, and it’s Twitter feed and Flickr pages have also been broken into.
The hack came hours after a list of apparently 9,000 registered users of the site was posted to the Internet.
The list contained user names, real names, email addresses, birth dates and other information including hashed passwords, which are the result of a process where a password is passed through an algorithm to disguise it. The attackers had apparently been able to break More >
Hackers claim 15,000 Uriminzokkiri user records
Apr 2nd
A hacker or hackers working under the umbrella of “Anonymous” claims to have broken into Uriminzokkiri.com, the North Korean-run site based in China, and taken over 15,000 user records.
A message posted online makes the claim and includes details for six accounts, apparently showing user names, e-mail addresses, birth dates, and hashed passwords.
These are passwords that have been run through an algorithm to come out as something that contains the essence of it. It’s an alternative to storing the password in plain text and helps guard against losing passwords during hacks like the one apparently conducted on Uriminzokkiri.com.
Of the six users, More >
