We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Korea DDOS virus destroying data, wiping PCs

Unprotected bot-infested PCs reformatted

The owners of tens of thousands of bot-infested PCs in South Korea who've resisted calls all week to update or install antivirus software will today find their PCs wiped of data, said computer security specialist AhnLab.

From midnight local time (3pm yesterday here) the virus, which has been attacking prominent US and South Korean government and commercial websites all week, has been programmed to encrypt user data or reformat the hard drive of the PC.

There are still ways to save an infected PC, although if the owners have ignored security requests so far they might be unlikely to follow AhnLab's recommendations. These involve starting Windows in safe-mode by using the boot menu accessed through the F8 key at start-up, setting the clock to before July 10 and then rebooting the PC normally and updating antivirus software or performing a free scan to erase the virus.

The attacks have been headline news all week in South Korea, where casualties have included the top-ranked news website, one of the leading online auction sites, electronic banking portals of several major banks and the home pages of the Ministry of National Defense, the president's website, the National Assembly and the US Forces Korea.

Computer security companies have been urging people to update their antivirus software or download an application to perform a free scan but many have, apparently, ignored those requests.

A third wave of attacks on Thursday night overloaded some of South Korea's most popular websites and showed that the bot-infested PC army was still alive and kicking.

PC security news and advice

But Thursday night's attacks might be the last. This shift from attack to destroy may indicate the end of this particular round of attacks, which started on July 4 against US sites and hit South Korean sites for three days in a row this week.

Little is known about the person or persons controlling the virus although computer security experts say the attack itself is not particularly sophisticated. That leaves the possible range of culprits wide, from individuals with a relatively low level of hacking skills to organised groups or governments who might have employed a low-tech approach to confuse experts.

See also: Massive botnet targets US government websites

Download FREE whitepapers:

Ten tips on security


IDG UK Sites

Best Christmas 2014 UK tech deals, Boxing Day 2014 UK tech deals & January sales 2015 UK tech...

IDG UK Sites

Apple's 2014 highlights: the most significant Apple news of 2014

IDG UK Sites

Watch this heartwarming Christmas short by Trunk for composer John Rutter

IDG UK Sites

Ultimate iOS 8 Tips: 35 awesome and advanced tips for using iOS 8 on iPhone and iPad