lazarusholic

Everyday is lazarus.dayβ

3.20 Cyber Terror

#DarkSeoul

Summary

The “Whois Team” attacks against South Korean targets in March 2013 involved coordinated cyberattacks on banks and broadcasting companies, where systems were disrupted and in some cases rendered unusable, accompanied by website defacements and propaganda messages left by the attackers; the operation leveraged wiper-type malware designed to destroy data and disable machines, causing large-scale service outages (e.g., banking systems and media networks going offline simultaneously), and although the attacks appeared highly visible and targeted critical infrastructure—leading to classification as cyber-terrorism—analysis suggested the tools were relatively unsophisticated and attribution remained unclear, with uncertainty over whether it was a nation-state operation or hacktivist activity, highlighting an early example of destructive malware campaigns aimed at maximizing disruption rather than stealth or data theft.

Reports

2018-11-01
BaeSystems
Now you see it, now you don't: wipers in the wild
#DarkSeoul #Wiper #Youtube
2018-11-01
BaeSystems
Now you see it, now you don't: wipers in the wild
#DarkSeoul #Wiper
2018-10-30
FDD
Kim Jong Un’s ‘All-Purpose Sword’ North Korean Cyber-Enabled Economic Warfare
#DarkSeoul #Lazarus #WannaCry
2017-07-27
FSI
Campaign Rifle: Andariel the Maiden of Anguish
#Whitepaper #Andariel #Rifle #VANXATM #MAYDAY #XEDA #DESERTWOLF #BLACKSHEEP #INITROY #DarkSeoul #GhostRAT
2016-02-24
BlueCoat
FROM SEOUL TO SONY: THE HISTORY OF THE DARKSEOUL GROUP AND THE SONY INTRUSION MALWARE DESTOVER
#Blockbuster #Destover #DarkSeoul #SilentChollima
2015-11-23
PaloaltoNetworks
Inside TDrop2: Technical Analysis of new Dark Seoul Malware
#TDrop2 #DarkSeoul
2015-11-20
GIAC
Tracing the Lineage of DarkSeoul
#DarkSeoul
2015-11-18
PaloaltoNetworks
TDrop2 Attacks Suggest Dark Seoul Attackers Return
#TDrop2 #DarkSeoul
2014-12-31
KRCERT
악성코드 분석
#3.4DDoS #6.25CyberTerror #7.7DDoS #DarkSeoul
2014-12-23
Krebsonsecurity
The Case for N. Korea’s Role in Sony Hack
#DarkSeoul #Blockbuster #WHOisTeam #NewRomanicCyberArmyTeam
2014-03-28
Fortinet
CASE STUDY OF THE WIPER APT IN KOREA, AND BEYOND
#DarkSeoul #Slides
2013-10-07
KRCERT
국내 주요 인터넷 사고 경험을 통해 본 침해사고 현황
#6.25CyberTerror #7.7DDoS #DarkSeoul #3.4DDoS
2013-06-26
Symantec
Four Years of DarkSeoul Cyberattacks Against South Korea Continue on Anniversary of Korean War
#6.25CyberTerror #DarkSeoul
2013-04-24
Malware-reversing
South Korea Incident - New Malware samples
#DarkSeoul
2013-04-10
KRCERT
`3.20 사이버테러` 중간 조사결과 발표
#DarkSeoul
2013-04-02
Zataz
Dark South Korea Total War Review
#DarkSeoul
2013-03-29
Symantec
Are the 2011 and 2013 South Korean Cyberattacks Related?
#DarkSeoul
2013-03-23
NSHC
3.20 사이버 테러 악성코드 분석 보고서
#DarkSeoul
2013-03-23
piyokango
2013年3月に発生した韓国へのサイバー攻撃をまとめてみた
#DarkSeoul
2013-03-22
StolenByte
3.20 South Korea Cyber Attack
#DarkSeoul
2013-03-21
SecureWorks
Wiper Malware Threat Analysis
#DarkSeoul #Hastati #Wiper
2013-03-20
Symantec
South Korean Banks and Broadcasting Organizations Suffer Major Damage from Cyberattack
#DarkSeoul
2013-03-20
Kaspersky
South Korean ‘Whois Team’ attacks
#DarkSeoul #WHOisTeam #Wiper
2013-03-20
Sophos
DarkSeoul: SophosLabs identifies malware used in South Korean internet attack
#DarkSeoul
2013-03-20
NProtect
언론사 방송국, 금융사이트 부팅 불가 사고 발생
#DarkSeoul