North Korea

DPRK Mum as Hackers Dump Sony Pictures Data Online

The hack of Sony Pictures Entertainment has taken a turn for the worse, as evidence has turned up that suggests hackers have ransacked the networks of the high-profile studio, dumping everything from unreleased films to detailed business and employee records online. A spokesman for the Democratic People’s Republic of Korea (DPRK) did not explicitly deny or take responsibility for the attack when contacted by the BBC, telling the British news agency that “the hostile forces are relating everything to [North Korea]. I kindly advise you to just wait and see.” Sony Pictures’ network was attacked using destructive “wiper” malware last week that stole and exfiltrated data from the company, then erased data on infected PCs and servers. An FBI FLASH alert sent to U.S. firms provided details on the malware, including its use of a hard-coded list of IP addresses and hostnames, and the inclusion of configuration files created on computers […]

FBI: Destructive Malware Used Korean Language Packs

In a first, the F.B.I has issued a warning to U.S. businesses to be on the lookout for destructive malware that was used in an attack last week on Sony Pictures Entertainment. The FBI issued a five-page “FLASH” warning to security professionals at U.S. companies to warn them of the new malware. A copy of the warning viewed by The Security Ledger revealed that the malware deployed a number of malicious modules, including a version of a commercial disk wiping tool on target systems. Samples of the malware obtained by the FBI contained configuration files created on systems using Korean language packs. The use of Korean could suggest a link to North Korea, though it is hardly conclusive. It does appear that the attack was targeted at a specific organization. The malware analyzed by the FBI contained a hard coded list of IP addresses and computer host names. Media reports have linked the malware to the […]