Cyberattack Objective-Spy On South Korea

Cyberattack Objective-Spy On South Korea

McAfee recently revealed through a comprehensive report that South Korea was the subject of a cyberattack in the past four years. The attack on two banks and three broadcasters may be a part of a bigger attack on the country.

The computer security company revealed that the objective of the hackers is to acquire military and government secrets of South Korea. The report revealed that the attack on targets in South Korea were the closing stages of a clandestine espionage operation against the country. The analysis of the company revealed that the MBR wiping was not limited to simple cybervandalism.

Last March, South Korean servers were the subject of a coordinated cyberattack that resulted to the erasure of data from thousands of computers in the country. China was initially blamed for the attack, however the government later indicated that North Korea was behind the hack.

The source of the attack has yet to be established, McAfee revealed. However, the company was able to gather additional information about the hackers and the way the attack was implemented.

The attack was initially called “Dark Seoul” before being called “Operation Troy.” McAfee revealed that two groups collaborated in the attack. The two groups were called "NewRomanic Cyber Army Team" and the "Whois Team."

A wiper and two Trojans were the utilized in the cyberattack. The malware installed themselves into the computers of users through file transfers coming from discussion forums and online bulletin boards. McAfee added that the malware is capable of spying on the computers of the users and wipe out the hard drive after it is installed.

The report indicated that McAfee Labs can link the Dark Seoul and other attacks to a clandestine, continuing operation that shows the main objective of the attack. The main object was to spy and interrupt activities of the South Korean government and military establishments.

The analysis of McAfee determined that the Operation Troy cyberattack was mainly aimed at gathering intelligence from military targets in South Korea.

Posted by James Fried on Tuesday July 09 2013, 4:13 AM EST. Ref: CNET. Link. All trademarks acknowledged. Filed under Featured News, World. Comments and Trackbacks closed. Follow responses: RSS 2.0