Possible Suspect |
The group, which is said to be anonymous, but not Anonymous, probably started operating in 2009 according to records obtained by The Dokdo Times from the National Intelligence Service, which supplied them on condition of anonymity.
The records indicate that computers belonging to all government ministries and branches of the military services were breached after the hackers discovered secret 'super passwords' used by intelligence agencies to gain access to computers belonging to all government ministries and branches of the military services. These were reportedly 'kimchi', 'kim', 'dokdo', 'password', and '12345'. The Dokdo Times was able to verify that as it went to print today many of these so-called 'super passwords' still appeared to work, although computer logs indicate that the hackers stopped downloading the contents of the computers last week.
The breach in security by the hackers was found when an employee in the Ministry of Technology inserted an unlabeled disk containing a copy of U.S. security software 'McAfee' into his computer, thinking it was a copy of Microsoft Office. Because the software ran in English it was two hours before the employee – who is understood to 35 years old and named Kim – noticed the mistake, by which time it had already found 56 different computer viruses and 187 so-called 'spyware programs' one of which transpired to have been written by the mysterious hacking group. All of the rogue programs had apparently escaped detection by home-grown anti-virus software, because they were foreign in nature, and had therefore been politely ignored.
The attack has been named "Operation Troy", because the word "Troy" frequently appears in the code of the malicious software. The Foreign Ministry has filed a formal complaint with the Turkish government – who have denied involvement. The Ministry of Justice is also believed to be interested in questioning two American brothers named Warner over the incident.
However, researchers with the U.S. security software maker Symantec Corp say they have uncovered evidence that the attack is the work of a group dubbed the "Dark Seoul Gang". Following the breakthrough, the Seoul Cyber Crimes Unit announced they have arrested four black men in connection with the attack. Initial reports indicate they are likely to be American military personnel.
Related Links
Hackers in four-year effort to steal South Korea military secrets: study
Four-year hacking spree in South Korea blamed on 'Dark Seoul Gang'
Disclaimer: Please note the links above are generated automatically by our software and may not always be directly related to the news article.