South Korean ‘Whois Team’ attacks
Contents
Earlier today, reports of a number of cyberattacks against various South Korean targets hit the news.
The attackers, going by the handle ?Whois Team¦ left a number of messages during the defacements:
The code used for defacement, posted by an anonymous user to the ?pygments.org¦ forum (see http://pygments.org/demo/68313/) indicates several e-mails used by the attackers:
arrFadeTitles[1] = “[email protected]”;
arrFadeTitles[2] = “[email protected]”;
arrFadeTitles[3] = “[email protected]”;
arrFadeTitles[4] = “[email protected]”;
arrFadeTitles[5] = “[email protected]”;
The screenshots from victim-s computers indicate the at ?Wiper¦ type of malware was also used. We have previously written about two other ?Wiper¦-style malwares: Iranian Wiper and Shamoon.
So, is this an isolated incident or part of a bigger cyberwar campaign? Honestly speaking, we don-t know. If a nation state is NOT behind these attacks, then it’s just cyber-terrorism; cyberwar requires a nation state to be behind the attacks.
In general, if the attacks target critical infrastructure, they can be considered cyber-terrorism. According to the definition of critical infrastructure, banks …
The attackers, going by the handle ?Whois Team¦ left a number of messages during the defacements:
The code used for defacement, posted by an anonymous user to the ?pygments.org¦ forum (see http://pygments.org/demo/68313/) indicates several e-mails used by the attackers:
arrFadeTitles[1] = “[email protected]”;
arrFadeTitles[2] = “[email protected]”;
arrFadeTitles[3] = “[email protected]”;
arrFadeTitles[4] = “[email protected]”;
arrFadeTitles[5] = “[email protected]”;
The screenshots from victim-s computers indicate the at ?Wiper¦ type of malware was also used. We have previously written about two other ?Wiper¦-style malwares: Iranian Wiper and Shamoon.
So, is this an isolated incident or part of a bigger cyberwar campaign? Honestly speaking, we don-t know. If a nation state is NOT behind these attacks, then it’s just cyber-terrorism; cyberwar requires a nation state to be behind the attacks.
In general, if the attacks target critical infrastructure, they can be considered cyber-terrorism. According to the definition of critical infrastructure, banks …