Seoul Mega Malware Wipe
There's a long and winding road ahead for Seoul, South Korea
After a malware plague froze and crippled all of its major banks, television stations, and so forth. The financial institutions, insurance firms, and TV channels involved include Shinhan Bank, Nonghyup Bank, Jeju Bank, YTN, MBC, ISP LG Uplus, and KBS, among many others. Shinhan's ATMs were down, ISP LG U+ was compromised, and so forth had trouble functioning thanks to the data wipe that rendered computers inoperable at the time. With that said, the NCIA or National Computing and Information Agency claims that South Korean government networks are still safe from harm.
At any rate, it was corporate patching systems that were deemed the culprit on why the malware was able to spread so fast. More to the point, the malicious code that knocked out the computers of TV stations and banks earlier on last week made use of the patching systems that, ironically, were supposed to protect the PCs, to introduce the nasty viral infections that made the digital destruction possible. The devastating malware that was identified as Jokra Trojan by Symantec and DarkSeoul by Sophos) was able to cripple entire systems by doing data wipes through their hard drives, which prevented boot ups and deleted important information contained within the machine (had they not been backed up properly).
At first, researchers believed the malware was spread via a single Chinese IP address. To be more specific, it was said by the KCC (Korea Communications Commission) that the virus was launched via the local LG Uplus mentioned earlier. It turns out that the KCC jumped the gun on that issue and it turned out it was something different that caused the whole malware debacle to explode to epic, nationwide proportions across Seoul. It wasn't a single Chinese IP address that was the source of the cyber-attack but instead it was something more local, namely an IP address from NongHyup Bank, which was one of the assault's many victims.
Even earlier than that
It was thought that North Korea was behind the attacks.
Supposedly, a local, unnamed antivirus company was broken into by local cyber-terrorists in order to get that virus spread by the very systems that were supposed to safeguard the aforementioned TV and banking organizations. The theory was eventually offered to the rest of the news media, but eventually they reneged on their earlier pronouncement. All the same, the true story was that an update patch distributed the planted malware across all those important financial and entertainment institutions (i.e., the corporate patching systems were hacked in order to spread the malicious code).
Powerful UTM Firewall, Vulnerability Scanner, WiFi Penetration Testing software
SecPoint is specialized to deliver the best IT security solutions and products.