North Korea’s Factory-Trojaned Computer Games

It looks like North Korea managed to build a DDoS botnet by infecting computer games at the source, and then selling them at cut-rate prices to online game sites.

Of course, the guy who helped the North Korean spies got fucked and is sitting in jail.

But still, this raises a good point — who expects the factory-original software to be infected?

Sure, maybe in cheap software off eBay. But when the threat model includes an adversary with resources that might desire compromise on a mass scale, you have to be very careful of the source.

(yes, both literally and in the code way too…)

http://koreajoongangdaily.joinsmsn.com/news/article/article.aspx?aid=2953940

“A 39-year-old South Korean game distributor was arrested on Sunday for involvement and charged with violating the National Security Law.[…]

[The man] met agents of an alleged North Korean trading company. He allegedly asked them to develop game software to be used in the South.[…]

Jo purchased dozens of computer game software for tens of millions of won, which was a third the cost of the same kind of software in the South. The games were infected with malignant viruses, of which Jo knew, an official at the police agency said.

Jo sold the games to South Korean operators of online games. When people played the games, the viruses used their computers as zombies, through which the cyberattack was launched.

So-called “a distributed denial-of-service attack,” this cyberattack against Incheon International Airport occurred two or three times in March 2011, police said. The attack was fended off by the intelligence authorities in the South. “

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: