Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

South Korea Arrests Man Selling Infected Video Games for North Korea

South Korean police arrested a man from Seoul last week in connection with a plot to use infected video games to launch cyber attacks on behalf of North Korea.

According to Korea JoongAng Daily, police arrested the 39-year-old video game distributor, identified only by the surname Jo, was caught attempting to launch distributed denial-of-service (DDoS) attacks on Incheon International Airport.

South Korean police arrested a man from Seoul last week in connection with a plot to use infected video games to launch cyber attacks on behalf of North Korea.

According to Korea JoongAng Daily, police arrested the 39-year-old video game distributor, identified only by the surname Jo, was caught attempting to launch distributed denial-of-service (DDoS) attacks on Incheon International Airport.

The paper reported that police said Jo traveled to Shenyang, northeastern China, starting in September 2009 and met agents of North Korea’s Reconnaissance General Bureau posing as employees of an alleged North Korean trading company. He is accused of asking them to develop game software to be used in South Korea. He then purchased dozens of computer games for tens of millions of won, knowing the games were infected with malware, police said.

The Korea JoongAng Daily reports Jo sold the games to South Korean players whose computers were compromised when the games were launched. Once infected, the computers were used to conduct DDoS attacks against the airport two or three times in March 2011. The attacks were reportedly fought off.

“There have long been claims that North Korea is operating a cyberwarfare unit (presumably being countered by the one alleged to exist in South Korea), and in 2008 it was reported that South Korea’s military command and control centre were the target of a spyware attack from North Korea’s electronic warfare division,” blogged Lisa Vaas, a contributor to security firm Sophos’ Naked Security blog.

According to the paper, South Korean authorities believe the North’s Reconnaissance General Bureau is responsible for a technical glitch in the flight data processor that paralyzed air traffic control at Incheon International Airport for nearly an hour Sept. 15. It is unclear if the malware linked to Jo was involved.

Written By

Click to comment

Expert Insights

Related Content

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...

Nation-State

FBI says a North Korea-linked threat group known as Lazarus and APT38 is behind the $100 million Horizon bridge cryptocurrency heist.

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.