• Warning: Illegal string offset 'name' in fierce_js_init() (line 6 of /mnt/www/html/fiercemarkets/docroot/sites/all/modules/custom/fierce_js/fierce_js.module).
  • Warning: Illegal string offset 'url' in fierce_plugins_site_footer_content_type_render() (line 150 of /mnt/www/html/fiercemarkets/docroot/sites/all/modules/fierce_plugins/plugins/content_types/site_footer/site_footer.inc).
  • Warning: Illegal string offset 'signup_url_footer' in fierce_plugins_site_footer_content_type_render() (line 151 of /mnt/www/html/fiercemarkets/docroot/sites/all/modules/fierce_plugins/plugins/content_types/site_footer/site_footer.inc).
  • Warning: Illegal string offset 'contact_url' in fierce_plugins_site_footer_content_type_render() (line 154 of /mnt/www/html/fiercemarkets/docroot/sites/all/modules/fierce_plugins/plugins/content_types/site_footer/site_footer.inc).
  • Warning: Illegal string offset 'mobile' in fierce_plugins_site_footer_content_type_render() (line 155 of /mnt/www/html/fiercemarkets/docroot/sites/all/modules/fierce_plugins/plugins/content_types/site_footer/site_footer.inc).
  • Warning: Illegal string offset 'url' in fierce_plugins_site_footer_content_type_render() (line 156 of /mnt/www/html/fiercemarkets/docroot/sites/all/modules/fierce_plugins/plugins/content_types/site_footer/site_footer.inc).
  • Warning: Illegal string offset 'url' in fierce_plugins_site_footer_content_type_render() (line 158 of /mnt/www/html/fiercemarkets/docroot/sites/all/modules/fierce_plugins/plugins/content_types/site_footer/site_footer.inc).
  • Warning: Illegal string offset 'jazd' in fierce_plugins_jazd_hottest_products_content_type_render() (line 32 of /mnt/www/html/fiercemarkets/docroot/sites/all/modules/fierce_plugins/plugins/content_types/jazd_hottest_products/jazd_hottest_products.inc).

Hackers used stolen credentials in South Korean cyber attack

Tools

We reported last week on how multiple financial institutions and television stations in South Korea were knocked offline by a destructive malware.

With more than 32,000 servers hit, reports on various websites noted that the malware was able to elude detection by security software by South Korea-based AhnLab; others said that the attack used AhnLab servers to launch the attack.

This is not true, according to AnhLab, which denied that security holes in any of its products were used to deliver the malicious code. Instead, the company says that the unidentified hackers made used of stolen IDs and passwords to launch some of the attacks, including exploiting existing mechanisms for delivering new software and security updates.

"The credentials were used to gain access to individual patch management systems located on the affected networks," wrote the company in an email. "Once the attackers had access to the patch management system they used it to distribute the malware much like the system distributes new software and software updates."

Regardless of how the various malware were able to infect the South Korean computer networks, the lack of financial motive suggests that they had state-sponsored origins. Also, various logic bombs found in some of the malware helped ensure maximum disruption, as a large number of systems crashed within a very short period of time.

For more:
- check out this article at InformationWeek

Related Articles:
South Korean banks, broadcasters hit by cyber attack
Chinese hackers break into NYT, WSJ networks