Uriminzokkiri, a China-based North Korean news website with close ties to Pyongyang, has been hacked. The site is currently inaccessible, companion websites have also been attacked and defaced, and it’s Twitter feed and Flickr pages have also been broken into.
The hack came hours after a list of apparently 9,000 registered users of the site was posted to the Internet.
The list contained user names, real names, email addresses, birth dates and other information including hashed passwords, which are the result of a process where a password is passed through an algorithm to disguise it. The attackers had apparently been able to break some of the simpler passwords, such as “123456,” and the password of the site administrator.
If the user ID and password of the site administrator was correct (North Korea Tech did not attempt to verify it by accessing the site), it would allow an intruder almost complete control over the site.
On Twitter, the Uriminzokkiri account saw it’s photo change to an illustration of a couple dancing the tango, the man with the Guy Fawkes mask that has become the symbol of the “Anonymous” hackers, and the words “Tango Down.”
The account was also used to send out information on the attacks:
One of the sites was changed to include a “wanted” poster that showed an illustration of Kim Jong Un with a Mickey Mouse tattoo and a pig’s nose and ears. Among the listed crimes: Threatening world peace with ICBMs and nuclear weapons, Wasting money while his people starve to death, Concentration camps and the worst human rights violation in the world.
The hack and the poster will likely be deeply embarrassing for the people running Uriminzokkiri and could land them in serious trouble with the authorities in Pyongyang.
In early 2011 the site’s Twitter channel was hacked and used to send out messages disparaging then-leader Kim Jong Il. It also carried a link to a YouTube that showed Kim Jong Un driving a sports car filled with birthday gifts while mowing down pedestrians.
After the hack Free North Korea Radio reported officials of the website had been questioned by investigators from Pyongyang over the hack.
The attack is the latest in a string of cyber-actions against North Korean Internet properties.