Security researchers in Vietnam are warning that the recent denial of service attacks carried out on South Korean government and other critical national infrastructure sites originated in the UK.
Bach Khoa Internetwork Security (Bkis) staff said they were asked by the Korean Computer Emergency Response Team (KrCert) after the attacks to get to the bottom of where they came from.
On the firm's official blog, senior security researcher Nguyen Minh Duc said that it had located the botnet in question, controlled by eight command and control servers via code embedded in a file named "flash.gif".
"Especially, we found a master server located in UK which controls all of the 8 C&C servers to make a series of cyber-attack last week," wrote Duc. "So the source of the attacks has been identified to be in UK. The existence of master server has never been reported before."
After gaining control of two of the eight C&C servers, Bkis analysed the logs and found the IP address to be located in the UK.
The number of compromised computers used to launch the attacks is also likely to have been vastly underestimated, said Duc.
"During the past few days, the number of zombies has been estimated to be 50,000 by Symantec and about 20,000 by government of South Korea," he wrote.
"But, by taking control of two C&C servers and analysing logs on these servers, we count the exact number of zombies that have been querying C&C servers to receive commands. Accordingly, there have been 166,908 zombies from 74 countries around the world that have been used for the attacks."
The report has been backed by the Korean broadcasting regulator the KCC and law enforcers in the country are currently trying to work with the British government to track down the attack source.
This could be one for the newly formed Police Central e-crime Unit to co-ordinate from this end, although, as with all things involving geographical boundary-crossing, don't expect a result anytime soon.
The bad guys are still basically more agile and nimble than law enforcers when it comes to online transgressions.
Geoengineering on the sea floor near glaciers would form a new ice shelf to prevent melting
Alterations in capillary blood flow can be caused by body position change
Curiosity rover is in 'normal mode' but not transmitting scientific data back to base
NatWest outage comes a day after Barclays' IT systems shut out customers and staff