Hackers claim 15,000 Uriminzokkiri user records

130401-anon-uriminzokkiriA hacker or hackers working under the umbrella of “Anonymous” claims to have broken into Uriminzokkiri.com, the North Korean-run site based in China, and taken over 15,000 user records.

A message posted online makes the claim and includes details for six accounts, apparently showing user names, e-mail addresses, birth dates, and hashed passwords.

These are passwords that have been run through an algorithm to come out as something that contains the essence of it. It’s an alternative to storing the password in plain text and helps guard against losing passwords during hacks like the one apparently conducted on Uriminzokkiri.com.

Of the six users, three have Korean names and the other three appear to be Chinese.

Four of the six users have Chinese email addresses, there’s a Hotmail address and one South Korean address that apparently belongs to KEPCO KDN, a smart-gird systems provider that’s part of the Korea Electric Power Co. But that South Korean address could be fake. If all the data in the records are to be believed, one of the users was born on June 1, 1900.

Aside from the user records, the message includes the rationale for the hack and a protest against the governments of both the United States and DPRK.

North Korean government is increasingly becoming a threat to peace and freedom. Don’t misunderstand us: As well we disagree with the USA government too – these guys are crooks, USA is a threat to world peace too, and direct democracy (or any kind of democracy) doesn’t exist there. The American government is a target and enemy of Anonymous as well!
This is not about country vs country – This is about we, the people, the 99% (of USA and of North Korea) vs oppressing and violent regimes (like USA gov. and N.K. gov)! We, the people, are gathering together because we are stronger now and we won’t fight your wars anymore, we won’t eat your shit anymore!!!

It then went on to make a series of demands:

We demand:
– N.K. government to stop making nukes and nuke-threats
– Kim Jong-un to resign
– it’s time to install a free direct democracy in North Korea
– uncensored internet access for all the citizens!

To Kim Jong-un:
So you feel the need to create large nukes and threaten half the world with them?
So you’re into demonstrations of power?, here is ours:
– We are inside your local intranets (Kwangmyong and others)
– We are inside your mailservers
– We are inside your webservers
Enjoy these few records as a proof of our access to your systems (random innocent citizens, collateral damage, because they were stupid enough to choose idiot passwords), we got all over 15k membership records of www.uriminzokkiri.com and many more. First we gonna wipe your data, then we gonna wipe your badass dictatorship “government”.

It’s worth noting that while sample data was included for Uriminzokkiri.com, there was no evidence supplied that supported the assertion that web and mail servers in North Korea or anything on the domestic intranet system had been accessed.

Getting onto the domestic intranet is highly unlikely based on our current understanding of the network. It’s believed to be totally separate from the Internet with no network link between the two for security purposes. So a proven hack would be very interesting.

The message ends:

To the citizens of North Korea we suggest to rise up and bring these motherfuckers of a oppressive government down!
We are holding your back and your hand, while you take the journey to freedom, democracy and peace.
You are not alone.
Don’t fear us, we are not terrorist, we are the good guys from the internet. AnonKorea and all the other Anons are here to set you free.

The claim comes as access to North Korean websites is returning to normal after a series of attacks made them difficult or impossible to access over the weekend. The attacks took place under the Twitter hashtag #OpNorthKorea.

More are planned, for both April 19 and June 25.

1 Comment on "Hackers claim 15,000 Uriminzokkiri user records"

  1. That SQLi has existed for quite a while.

Comments are closed.

An affiliate of 38 North