US, South Korea site attacks traced back to UK
Published: 15 Jul 2009 08:29 BST
The denial-of-service attacks launched on websites in South Korea and the US earlier this month appear to have come from a master server in the UK, according to security researchers in Vietnam.
The master server controls all the eight command and control servers involved in the series of distributed denial-of-service (DDoS) attacks that started on the 4 July weekend, security firm Bkis said in a blog posting on its website on Monday. Bkis succeeded in gaining control of two of the servers and analysed the logs.
The Vietnamese firm estimated the number of compromised PCs involved in the attacks to be around 167,000 in 74 countries.
Botnet expert Joe Stewart of SecureWorks told ZDNet UK's sister site, CNET News.com, that the number sounded high. Security experts had been estimating that there were 50,000 infected PCs in the botnet.
The attacks targeted dozens of government and commercial sites in the US and South Korea, causing temporary outages at many of them.
Code on the compromised PCs was set to erase or overwrite data late last week, but researchers in the US were not aware of any reports of that happening.
Credit: Researchers: Attacks on U.S., Korea sites came from U.K. from CNET News
Did you find this article useful?
4 out of 4 people found this useful
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
