2 min read

A US Hacker Blasted North Korea off the Internet Following Missile Tests

Graham CLULEY

February 08, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
A US Hacker Blasted North Korea off the Internet Following Missile Tests

Last month, as North Korea's supreme leader Kim Jong-un oversaw a series of sabre-rattling hypersonic missile tests, cyber attacks disrupted the country's internet infrastructure.

The finger of suspicion pointed at nation states in the West, who might have launched the distributed denial-of-service attacks, which reportedly, at their height, took down "all traffic to and from North Korea."

However, in an interview with Wired, an independent hacker known only as P4x has claimed sole credit.

P4x claims that he was himself hacked by North Korean spies just over a year ago, as part of a campaign that deployed zero-day vulnerabilities against security researchers.

In that attack, North Korean hackers reached out to experts in the cybersecurity community via email, Twitter, and LinkedIn, posing as fellow researchers and offered to collaborate on investigations into new vulnerabilities.

As I explained at the time, this was all a ruse to slip malicious backdoor code onto the targeted researchers' computers.

According to Wired, P4x says that last year's North Korean attack did not succeed against him but the thought of being personally targeted by state-sponsored hackers did leave him "deeply unnerved."

And P4x felt frustrated by what he viewed as a lack of any visible response from the US government.

And so the US hacker took matters into his own hands, and a year after he was targeted by North Korea he decided he would turn the tables:

"I want them to understand that if you come at us, it means some of your infrastructure is going down for a while."

Finding "numerous known but unpatched vulnerabilities" in North Korean computer systems, P4x was able to launch denial-of-service attacks on the servers and routers that form North Korea's - small by the rest of the world's standards - portion of the internet.

And, from the sound of things, it worked.  For some hours, North Korea effectively dropped off the internet.

"When someone would try to connect to an IP address in North Korea, the internet would literally be unable to route their data into the country," security researcher Junade Ali told Reuters.

Should P4x have done it?  Does the fact that North Korea was his target make the disruption accessible?

That's a debate for another time, but one thing that should be considered is that if a private individual launches an attack against the internet infrastructure of a rogue nation like North Korea, it's possible that they may also be interfering with ongoing efforts by legitimate agencies to spy and gather intelligence using similar vulnerabilities.

Maybe it's a better idea if all of us resist the urge to be an internet vigilante, and instead leave attacks on other states to our governments and intelligence agencies instead.

tags


Author



Right now

Top posts

How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts
Silviu STAHIE

December 02, 2022

1 min read
Some Phone Manufacturers Didn't Implement Vital Security Patch for ARM Mali GPU, Google Researchers Find Some Phone Manufacturers Didn't Implement Vital Security Patch for ARM Mali GPU, Google Researchers Find
Silviu STAHIE

November 29, 2022

1 min read
Apple Users Report Seeing Other People's Photos When Using iCloud for Windows Apple Users Report Seeing Other People's Photos When Using iCloud for Windows
Silviu STAHIE

November 25, 2022

1 min read