North Korea has been completely cut off from the internet at least twice in the last month. Many people online noticed: all websites with domain names ending in “.kp” became inaccessible. What remained unclear was the cause: a huge mistake by the North Koreans or a targeted attack from outside.
The first outages were noticed on January 14, and they lasted several hours at a time for more than a week. Similar periodic blackouts have occurred since January 25. It looked like North Korea’s IT infrastructure was under a distributed denial of service (DDoS) attack.
In a report released recently, a lone hacker seeking revenge told Wired that he is responsible for harming the country’s internet.
An American hacker who goes by the pseudonym P4x says he was one of the victims of last year’s cyber attacks on dozens of Western cybersecurity researchers, organized by North Korean agents.
P4x remembers exactly the moment he was approached by North Korean spies. At the end of January 2021, he opened a file sent to him by a fellow researcher who said it was an exploit tool. Just 24 hours later, he discovered a post on the Google Threat Analysis Group blog warning that North Korean hackers had set their sights on security researchers.
When P4x opened the file he had received in a virtual machine and carefully examined it, he saw that it contained a backdoor. He was shocked to realize that he had been personally targeted by North Korea.
He said that the hackers tried to steal various tools and information about software vulnerabilities, but he was able to stop them before they could get anything worthwhile. The FBI contacted him a few days later to find out the details, but he was never offered any real help. He never heard of any repercussions for the North Korean hackers who targeted him. No open investigation was launched against them. There was not even an official recognition by the US agency of North Korea’s responsibility. P4x got the feeling, as he put it, that “I don’t really have anyone on my side.”
He was disappointed that he had been targeted and that the US did not seem to respond. So he decided to take matters into his own hands.
It seemed like the right thing to do. If they don’t see that we have teeth, this will go on forever.
I want them to understand that if you attack us, it means, inevitably, that part of your infrastructure will fail for some time.
North Korea’s mysterious internet glitches appeared around the same time that the country began conducting record-breaking weapons tests, launching new hypersonic missiles. The coincidence of these events has led some experts to suspect that a foreign power, such as South Korea or the United States, may be behind the attacks. But P4x stated that this is not the case.
Wired says P4x provided them with screen recordings demonstrating his responsibility for the attacks on North Korea’s servers.
Although he openly claimed responsibility for the attacks, P4x refused to reveal the specific vulnerabilities in North Korean systems that he says he found and used to repeatedly, single-handedly shut down the entire country’s internet.
P4x says he has largely automated his attacks on North Korean systems, periodically running scripts that find which systems are still online and run exploits to disable them. “It looks like a small to medium pentest to me,” says P4x. “I test their systems for security and find bugs. It’s quite interesting how easy it was to achieve some kind of effect.”
P4x also told Wired that he was doing the interview because he was trying to get more “hacktivists” to join the dark web website he launched a week ago. The site is called FUNK project (which stands for FU North Korea) and will deal with counterattacks against North Korean threats.
The FUNK website says:
You can really make a difference, even as one person.
The goal is to proportionally carry out attacks and collect information to prevent NK from hacking into the western world completely unhindered.