Friday, August 12, 2011

Trojaned Update Blamed in Massive South Korean Attack

Via The Register UK -

A devastating attack that exposed the personal information of 35 million South Koreans was perpetrated after hackers breached the security of popular software provider ESTsoft and planted malicious code on one of its update servers, it was widely reported Thursday.

Attackers with Chinese IP addresses uploaded malware to a server used to update ESTsoft's ALZip compression application, South Korean news outlets said. The upgrades eventually caused the compromise of 62 PCs at SK Communications that used the program. Attackers then tapped the machines to steal the names, user IDs, hashed passwords, birthdates, genders, telephone numbers, and street and email addresses contained in a database connected to the same network.

It was South Korea's biggest theft of personal information ever. With about 49 million people living in South Korea, the breach is believed to have affected the majority of the nation's population.

After hijacking the SK Communication PCs with the fake ALZip update, the attackers used the machines to access databases containing user information for the telecom's Cyworld social networking website and the Nate web portal. The publications cited investigators from Korea's National Police Agency.


----------------------------------------------------------------------------------------

South Korea Government Plans to Scrap Online Real-name System
http://www.tmcnet.com/usubmit/2011/08/11/5698912.htm

The South Korea government will push ahead with plans to scrap the current real-name system for Internet users in the wake of the country's worst online security breach, local media reported Thursday.

The Ministry of Public Administration and Security is set to report to ruling party lawmakers about comprehensive measures to protect personal information online, including abolishing the real- name registration system, Yonhap news agency said.


The real-name system, introduced in 2007, requires people to use their real names and resident registration numbers when making online postings on websites with more than 100,000 visitors per day.

----------------------------------------------------------------------------------------

For user not familiar with the original story...

Hack of South Korean Sites Affects Up to 35 Million Users
http://djtechnocrat.blogspot.com/2011/07/hack-of-south-korean-sites-affects-up.html

No comments:

Post a Comment