Investigators are tracking down hackers

Progress is reportedly being made in the South Korean hackers investigation and it appears that data was extracted from some targeted computers.

Security experts have reportedly uncovered the command server for the botnet believed to be responsible for recent attacks on US and South Korea government web sites. [. . .]

The company said that it now believes that the command server controlling the attacks is hosted in the UK. [. . .]

While the news does not necessarily mean that the individuals behind the attacks are physically located in the UK, researchers say that finding the attack server will make it easier to uncover the criminals behind the attacks. The company also claims to have gained control of two of the servers.

"Having located the attacking source in the UK, we believe that it is completely possible to find the hacker," the company said in a report. "This, of course, depends on the US and South Korean governments." [. . .]

Perhaps of more concern, however, is the apparent ease with which the attacks were launched.

I'm not sure why this isn't a bigger story.

Hackers extracted lists of files from computers that they contaminated with the virus that triggered cyberattacks last week in the United States and South Korea, police in Seoul said Tuesday.

"It's like hackers taking a look inside the computers," An said. "We're trying to figure out why they did this."

Extracted file lists were sent to 416 computers in 59 countries, 15 of them in South Korea. Police have found some file lists in 12 receiver computers and are trying to determine whether hackers broke into those systems and stole the lists, An said.

In addition to the White House and the Pentagon, targets included:

the New York Stock Exchange, the Department of Homeland Security, the State Department, the Nasdaq stock market , The Washington Post, the Treasury Department, the Federal Trade Commission, and the Secret Service.

Pretty impressive list.

Comments welcome.

Most recent posts here.