Slashdot Mirror

← Back to Stories (view on slashdot.org)

Detailed Analysis of the SK Communications Hack

Posted by Soulskill on from the pulling-a-sony dept.

An anonymous reader writes "An Australian IT security company, Command Five Pty Ltd, has just released a detailed analysis (PDF) of the recent SK Communications hack in which the personal details of up to 35 million users were stolen. This new analysis gives details of the attackers' malicious infrastructure and contains as-yet unreported technical details of the malware used in the attack (including the fact that it has the capability to sniff raw network packets on infected machines). The report also identifies links with other malware and malicious infrastructure, demonstrating that the attack is likely to be part of a broader concerted effort by well organized attackers."

2 of 21 comments (clear)

  1. 35 million out of 39 million total Korean net user by wesley96 · · Score: 5, Informative

    When quoting about this SK Comm hacking incident, it should be noted that the "35 million users" is quite significant. There are approximately 39 million total internet users in South Korea with 48 million total population. This means nearly 90% of all S. Korean internet users' information was compromised. That, or more than 70% of total population. It's suffice to say the incident practically threw all relevant Korean people's key personal information out in the wild.

    Oh, and by key personal information, I'm referring to Resident Registration Numbers that were part of the leaked info. RRN is a unique, non-transferable, non-modifiable serial number given to every Korean citizen, and thus is used as a highly convenient way of identifying the person in question. You can retrieve someone's website registration ID just by knowing the name and RRN, so it's something you yourself are only supposed to know. Since password hashes were also leaked, and since lots of folks reuse same password over and over, it would be relatively easy to pick out someone out of the leaked database and use the information to login to other websites, and by doing so, get even more personal information out.

    Now the Korean websites are "encouraged" more than ever to use alternative means to identify someone, but I fear the cat's already out of the bag.

    --
    Serving time in Aristotelean prison for violating laws of physics
  2. Re:35 million out of 39 million total Korean net u by dingram17 · · Score: 5, Interesting

    How is the RRN meant to be a unique number that only you know, if it is used at most websites? This sounds like the sillyness of the US SSN -- its "secret" but everyone asks for it. I can see why Australia made it illegal for anyone other than the Tax Office, Employers or Superannuation funds to ask for your tax file number.

    Unique number identifiers are useful to ensure records don't get mixed up, but they are not a proof of identity. Using them as proof is moronic.