Information Warfare: North Korea Greets Internet Visitors With A Surprise

Archives

February 4, 2015: Some Internet security researchers were surprised recently to discover that the website of the North Korean government owned and operated Korean Central News Agency was equipped to secretly plant (or try to plant) spyware on the PCs of people visiting the site. The infection code was set up so that the operators of the North Korean site could easily deliver different kinds of infections. This infection capability was apparently set up in 2012 and it is still unclear how many, if any, visitors were infected and exactly with what.

Not everyone visiting the site would be infected when the North Korean system was rigged to deliver a payload to visitors because visitors with well-protected systems (like Internet security experts or anyone with a high-end antivirus system) would, at most, get an alert that this North Korea site was trying to infect them.

The North Koreans won’t say anything and it’s possible that the infection code was there as part of a training exercise for their own hackers. The code was not of the highest quality and looks like something student hackers might put together. Like just about everything else in North Korea the details of this hidden infection code are a state secret. So we have to wait for North Korea to collapse or for one of their hackers to defect to find out what is going on here. Whatever it is, it ain’t good.

 

 

 

X

ad

Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   Contribute   Close