South Korea says attackers used IP address in 5 nations
South Korea said Friday it had identified and blocked five IP addresses used to distribute computer viruses that caused a wave of Web site outages in the U.S. and South Korea.
South Korean and American officials have said they believe North Korea was behind the attacks, but none of the blocked Internet Protocol addresses — the Web equivalent of a street address or phone number — were for computers in North Korea.
The addresses point to the computers that distributed the virus that triggered so-called denial of service attacks in which floods of computers try to connect to a single site at the same time, overwhelming the server. They were in Austria, Georgia, Germany, South Korea and the U.S., an official from the state-run Korea Communications Commission said. He spoke on condition of anonymity because he is not authorized to speak to the media on the record.
The latest evidence does not clear North Korea of involvement. It is likely that the hackers used the identified IP addresses to disguise themselves — for instance, by accessing the computers from a remote location — though blocking them helps prevent those computers from being used again to distribute viruses or to carry out denial of service attacks.
Page 1 of 4