Security
Thousands more DPRK-related website account details published
Apr 21st
The personal details of thousands of users of three North Korean-related websites have been published by hackers.
The details include names, email addresses, user names and in some cases addresses and phone numbers of people to the three sites: the Japan-based Choson Sinbo (조선신보, 朝鮮新報) newspaper, the China-based Ryomyong (려명) site and the U.S.-based Korea American National Coordinating Council (재미동포전국연합회).
The details were apparently stolen by hackers working under the banner of the Anonymous group, who have been attacking North Korean-related websites for the last few weeks.
The largest database dump was that of the Choson Sinbo, which contained 3,667 records. The Ryomyong database numbered just over 1,300 users More >
Hackers leak more user details
Apr 17th
A fresh batch of user names and personal details of people subscribing to North Korean-related websites has been published by hackers. They are the result of weekend attacks on the websites minjok.com and paekdu-hanna.com, two U.S.-based websites.
Links to the information were posted on Twitter by accounts associated with the loosely coordinated hacker group “Anonymous.” The group previously claimed credit for the attacks.
Minjok.com is the site of Minjok Tongshin, which carries Korean and English-language news about North Korea. The English articles are mostly culled from other media. Paekdu-hanna is an associated site that appears to be run by the same group.
Of More >
DPRK protests results of hacking probe
Apr 13th
The DPRK is loudly protesting the preliminary results of a South Korean investigation that found it was behind widespread computer disruption that hit several TV stations and banks on March 20. [Updated, see below.]
The computer attacks wiped clean the hard disk drives of around 48,000 personal computers and servers inside broadcasters KBS, MBC and YTN, and the Shinhan, Nonghyup and Jeju Banks.
In an almost 2,000 word response carried on the state-run KCNA newswire, the main results of the investigation were picked through and discounted. The article, which came a day after Seoul disclosed its findings, was attributed to a spokesman for the General Staff of More >
South fingers North in March cyberattacks
Apr 11th
South Korea’s government has concluded the March 20 cyberattacks that hit three of the country’s TV broadcasters and three of its banks were launched by attackers linked to the North Korean government.
The attacks began at 2pm local time on March 20 and caused the complete deletion of data on hard disk drives in roughly 48,000 personal computers inside broadcasters KBS, MBC and YTN, and the Shinhan, Nonghyup and Jeju Banks.
North Korean hackers were suspected almost immediately although unusually the government in Seoul wasn’t quick to point its finger. Officials launched an investigation and it was the preliminary conclusions of that work More >
Uriminzokkiri restoring after hack
Apr 7th
This week’s hack of the Uriminzokkiri website certainly raised the bar in the cyber battle currently playing out online.
It marked the first time in the current round of attacks that anyone had managed to break in and deface a North Korean website. Over the last couple of weeks, several sites have been taken offline by denial of service attacks, but such attacks simply impede the website’s ability to serve pages and don’t affect the content.
This time around the attack saw the site removed and its Twitter and Flickr channels accessed. The Flickr channel is back under a new account, it appears More >
Uriminzokkiri, companion websites hacked
Apr 4th
Uriminzokkiri, a China-based North Korean news website with close ties to Pyongyang, has been hacked. The site is currently inaccessible, companion websites have also been attacked and defaced, and it’s Twitter feed and Flickr pages have also been broken into.
The hack came hours after a list of apparently 9,000 registered users of the site was posted to the Internet.
The list contained user names, real names, email addresses, birth dates and other information including hashed passwords, which are the result of a process where a password is passed through an algorithm to disguise it. The attackers had apparently been able to break More >
Hackers claim 15,000 Uriminzokkiri user records
Apr 2nd
A hacker or hackers working under the umbrella of “Anonymous” claims to have broken into Uriminzokkiri.com, the North Korean-run site based in China, and taken over 15,000 user records.
A message posted online makes the claim and includes details for six accounts, apparently showing user names, e-mail addresses, birth dates, and hashed passwords.
These are passwords that have been run through an algorithm to come out as something that contains the essence of it. It’s an alternative to storing the password in plain text and helps guard against losing passwords during hacks like the one apparently conducted on Uriminzokkiri.com.
Of the six users, More >
More attacks pledged on North Korean websites
Apr 1st
People who apparently took part in this weekend’s denial of service attacks against several major North Korean websites have promised there’s more to come.
The attacks hit sites including KCNA, Voice of Korea, the Committee for Cultural Relations with Foreign Nations and Air Koryo. They also targeted the Korean Friendship Association’s site although I wasn’t able to verify whether it went down.
A denial of service attack involves flooding a web server with so much traffic that it becomes overloaded and cannot respond to legitimate requests for pages. It’s different from the site being hacked, although the end result is similar in More >
#OpNorthKorea brings more attacks on DPRK websites
Mar 30th
A new round of attacks against North Korean websites began Saturday, causing several to become unavailable.
The attacks appear to be part of a loosely coordinated effort by hackers to target North Korean sites after the country’s state-run media said relations with South Korea were “at a state of war.”
As of 3pm Korean time (0600 UTC) on Saturday, attempts to contact the Naenara, Korean Central News Agency, Air Koryo and Voice of Korea all failed.
The sites were hit with an apparent DDoS (distributed denial of service) attack in which the web servers are flooded with so much junk traffic from hackers More >
South Korean sites hit by cyber attacks
Mar 27th
Several South Korean websites that specialize in reporting on North Korean issues were hit by cyber attackers on Tuesday, they said late the same day.
Daily NK and Free North Korea Radio both confirmed the attacks in articles posted on their sites. They were said to begin at 2pm local time (0500 UTC) and resulted in the sites being unavailable for some time.
“The attack was aimed at databases and was designed to blow away the entire system. Based on this, we can say that their target was clearly pre-ordained and the aim was to completely incapacitate it,” the Daily NK said More >
