Seoul Mega Malware Wipe
There's a long and winding road ahead for Seoul, South Korea
After a malware plague froze and crippled all of its major banks, television stations, and so forth.
The financial institutions, insurance firms, and TV channels involved include Shinhan Bank, Nonghyup Bank, Jeju Bank, YTN, MBC, ISP LG Uplus, and KBS, among many others.
Shinhan's ATMs were down, ISP LG U was compromised, and so forth had trouble functioning thanks to the data wipe that rendered computers inoperable at the time.
With that said, the NCIA or National Computing and Information Agency claims that South Korean government networks are still safe from harm.
At any rate, it was corporate patching systems that were deemed the culprit on why the malware was able to spread so fast.
More to the point, the malicious code that knocked out the computers of TV stations and banks earlier on last week made use of the patching systems that, ironically, were supposed to protect the PCs, to introduce the nasty viral infections that made the digital destruction possible.
The devastating malware that was identified as Jokra Trojan by Symantec and DarkSeoul by Sophos) was able to cripple entire systems by doing data wipes through their hard drives, which prevented boot ups and deleted important information contained within the machine (had they not been backed up properly).
At first, researchers believed the malware was spread via a single Chinese IP address.
To be more specific, it was said by the KCC (Korea Communications Commission) that the virus was launched via the local LG Uplus mentioned earlier.
It turns out that the KCC jumped the gun on that issue and it turned out it was something different that caused the whole malware debacle to explode to epic, nationwide proportions across Seoul.
It wasn't a single Chinese IP address that was the source of the cyber-attack but instead it was something more local, namely an IP address from NongHyup Bank, which was one of the assault's many victims.