Korea DDOS virus now erasing data

 They say what goes around comes around and on Friday owners of bot-infested PCs in South Korea will discover that’s true.

The owners of tens of thousands of bot-infested PCs in the county — who’ve resisted calls all week to update or install anti-virus software — will likely switch on their PCs on Friday to find their data gone, said computer security specialist AhnLab.

From midnight local time (3 p.m. GMT Thursday) the virus, which has been attacking prominent U.S. and South Korean government and commercial Websites all week, has been programmed to encrypt user data or reformat the hard drive of the PC.

There are still ways to save an infected PC, although if the owners have ignored security requests so far they might be unlikely to follow AhnLab’s recommendations.

These involve starting Windows in safe-mode by using the boot menu accessed through the F8 key at start-up, setting the clock to before July 10 and then rebooting the PC normally and updating anti-virus software or performing a free scan to erase the virus.

 

Unfortunately many anti-virus programs are near touseless in blocking the binariesused to spread botnets.

The attacks have been headline news all week in South Korea, where casualties have included the top-ranked news Web site, one of the leading online auction sites, electronic banking portals of several major banks and the home pages of the Ministry of National Defense, the president’s Web site, the National Assembly and the U.S. Forces Korea.

Computer security companies have been urging people to update their ant-virus software or download an application to perform a free scan but many have, apparently, ignored those requests.

A third wave of attacks on Thursday night overloaded some of South Korea’s most popular Web sites and showed that the bot-infested PC army was still alive and kicking.

But Thursday night’s attacks might be the last. This shift from attack to destroy may indicate the end of this particular round of attacks, which started on July 4 against U.S. sites and hit South Korean sites for three days in a row this week.

About two dozen nations have developed cyber-attack capabilities and have their eyes on targets inside the U.S. government or businesses, according to Shawn Henry, the assistant director in charge of the U.S. Federal Bureau of Investigation’s Cyber Division.

Last month, Defense Secretary Robert Gates today approved the creation of a unified U.S. Cyber Command to oversee the protection of military networks against cyber threats.

Little is known about the person or persons controlling the virus although computer security experts say the attack itself is not particularly sophisticated. That leaves the possible range of culprits wide, from individuals with a relatively low level of hacking skills to organized groups or governments who might have employed a low-tech approach to confuse experts.

 

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now