The MyDoom virus cyberattacks last week on thousands of computers and websites in the US and S. Korea didn’t come from N. Korea, as people had originally speculated. Instead, according to Vietnamese security company BKIS, they appear to have originated in the UK.
Company director Nguyen Minh Duc wrote in a blog post:
"We have analyzed the malware pattern that we received. We found a master server located in the UK."
Infected computers had attempted to contact one of eight command and control servers every three minutes. They were instructed to direct traffic at the attack sites in an attempt to overwhelm them.
However, those servers were under one central command, and that would seem to be in the UK, not N. Korea, which was originally believed to be the source of the attacks.
"Having located the attacking source in UK, we believe that it is completely possible to find out the hacker," Nguyen continued. "This of course depends on the US and South Korean governments."
But South Korea isn’t completely convinced. A spokesman for the Korea Communications Commission told the Korea Times:
"We don’t know that the attackers were actually based in Britain, or mainly hacked a British IP address and used it for delivery.”
- The 52 best movies on Amazon Prime Video right now
- The best Netflix original movies
- The best Amazon Original movies right now
- Taiwan’s anti-coronavirus tech is working wonders. The U.S. should take notes
- North Korea denies accusations of WannaCry attack involvement