TMCnet News

Hackers Set Time Bomb to Damage Targeted Banks and Broadcasters in South Korea
[March 25, 2013]

Hackers Set Time Bomb to Damage Targeted Banks and Broadcasters in South Korea


Mar 25, 2013 (M2 PRESSWIRE via COMTEX) -- The AhnLab Security Emergency Response Center (ASEC) and US headquarters of South Korea-based AhnLab (www.ahnlab.com) today confirmed a large series of cyber attacks that targeted banks and broadcasters in South Korea. AhnLab said that attackers used stolen user IDs and passwords to launch some of the attacks. The credentials were used to gain access to individual patch management systems located on the affected networks. Once the attackers had access to the patch management system they used it to distribute the malware much like the system distributes new software and software updates. Contrary to early reports, no security hole in any AhnLab server or product was used by the attackers to deliver the malicious code.

Analysed by ASEC, the malware used in this latest attack can be detected in real-time and deleted with the multi-dimensional protection technology used in AhnLab's Malware Detection System (MDS) appliance. According to Brian Laing, vice president of marketing and business development, organisations with AhnLab MDS deployed were automatically protected against this latest discovery.

"This attack highlights the rapidly evolving threat landscape that changes by the minute with attacks becoming more targeted, sophisticated and capable of evading traditional security solutions" said Laing.


More than 32,000 servers managed by broadcasters and banks in South Korea were attacked yesterday in what experts are calling one of the largest multiple-targeted cyberattacks in South Korea history. The shutdowns affected Shinhan Bank, Nonghyup Bank, Munhwa Broadcasting Corp., YTN and Korea Broadcasting System. The malware code for the attack was likely developed by Chinese sources and used by hackers from North Korea, according to Ryou Jae Cheol, a professor of computer engineering and securities at Chungnam National University in a statement to BusinessWeek Magazine. The Malware code targeted organisations' servers and destroyed the systems' ability to boot.

For a detailed technical explanation of the attack and how ASEC and AhnLab MDS detected and deleted the threat, see this webpage http://asec.ahnlab.com/926 (Details in Korean) AhnLab's MDS AhnLab's network security product, the AhnLab Malware Defense System (MDS) appliance, offers comprehensive threat protection, rapid malware recognition and remediation, and stops malicious network traffic and dynamic disruption of active security breaches in an instant. AhnLab MDS secures endpoints, servers, networks, and cloud resources with a single architecture and an integrated management platform.

About AhnLab AhnLab creates agile, integrated Internet security solutions for consumers and businesses, ranging in size from SMBs to enterprise organizations. Founded in 1995, AhnLab is a global leader in security research and product development delivers comprehensive protection for networks, transactions, and essential services. By combining cloud analysis with endpoint and server resources, AhnLab generates best-of-breed breach detection and threat prevention that scales easily for high-speed networks. This multi-dimensional approach combines with exceptional service to create truly global protection against attacks that evade traditional security defenses. That's why more than 25,000 organizations rely on AhnLab's award-winning products and services to make the Internet safe and reliable for their business operations.

Learn more today by contacting your AhnLab partner or local AhnLab sales representative, or by visiting: http://www.ahnlab.com.

((M2 Communications disclaims all liability for information provided within M2 PressWIRE. Data supplied by named party/parties. Further information on M2 PressWIRE can be obtained at http://www.presswire.com on the world wide web. Inquiries to [email protected].

[ Back To TMCnet.com's Homepage ]