All the latest UK technology news, reviews and analysis

South Korea and US government hacks blamed on DarkSeoul group

27 Jun 2013
south korea

The DarkSeoul hacker group is responsible for at least one of the recent attacks on the South Korean government, according to security firm Symantec.

Symantec researchers said initial analysis of the attacks and malwares used proved the DarkSeoul hackers were involved in the recent attacks on South Korea. "While multiple attacks were conducted by multiple perpetrators, one of the distributed denial-of-service (DDoS) attacks observed yesterday against South Korean government websites can be directly linked to the DarkSeoul gang and Trojan.Castov," Symantec's said.

The firm said the research also linked the team to several attacks on both South Korea and the US government. "We can now attribute multiple previous high-profile attacks to the DarkSeoul gang over the last four years against South Korea, in addition to yesterday's attack," it noted. "They previously conducted DDoS and wiping attacks on the US Independence Day as well."

The group's involvement in attacks on the US is expected to have political consequences, with many security researchers believing DarkSeoul is working for the North Korean government. If true, this is troubling as in the past the US government has indicated it would react to cyber attacks on its networks the same way it would real world acts of war. At the time of publishing, the US Department of Defense and White House had not responded to V3's request for comment on Symantec's research.

Symantec confirmed while there is some evidence to suggest the DarkSeoul group is state sponsored, it is still too early to definitively know if the group is operating at the behest of the North Korean government.

"The attacks conducted by the DarkSeoul gang have required intelligence and coordination, and in some cases have demonstrated technical sophistication. While nation-state attribution is difficult, South Korean media reports have pointed to an investigation which concluded the attackers were working on behalf of North Korea," wrote Symantec.

Symantec researchers said even if DarkSeoul is not working for North Korea, the group is in possession of several sophisticated attack tools and resources. The security firm warned businesses to expect and prepare for further attacks from the group.

"Symantec expects the DarkSeoul attacks to continue and, regardless of whether the gang is working on behalf of North Korea or not, the attacks are both politically motivated and have the necessary financial support to continue acts of cyber sabotage on organisations in South Korea," the firm said.

"Cyber sabotage attacks on a national scale have been rare - Stuxnet and Shamoon (W32.Disttrack) are the other two main examples. However, the DarkSeoul gang is almost unique in its ability to carry out such high-profile and damaging attacks over several years."

Hacks in Korea have started since the anniversary of the war between the two nations, with details on 40,000 troops leaked earlier this week.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

Work location poll - office, remote or home?

Where do you spend most time working on your primary work device?

Popular Threads

Powered by Disqus
LG G Flex 2 hands-on review

CES 2015: LG G Flex 2 video

A closer look at LG's latest curved-screen smartphone

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Beacon technology: what are the opportunities and how does the technology work?

This paper seeks to provide education and technical insight to beacons, in addition to providing insight to Apple's iBeacon specification


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Infrastructure Lead/Manager

On behalf of our client we are looking for a Technical...

Digital Solution Architect - Telecoms - £75 - 80K Basic + Bonus

Digital Solution Architect - Telecoms - £75 - 80K Basic...

Senior C# WPF Developer - London - £60-65K

Senior C# WPF Developer - London - £60-65K Basic + Bonus...

Lead C# .NET Developer - West London - £55-65K Basic

Lead C# .NET Developer - C# ASP.NET MVC, TDD/BDD - West...
To send to more than one email address, simply separate each address with a comma.