My colleague, Martyn Williams, forwarded me this link to a Korean blogger who has published an analysis of the malware used in an ongoing DDoS attack against government and business sites in the U.S. and South Korea.
The list is in line with sites that have been reported to me by security researchers studying this attack, but it is far more comprehensive than anything I've yet seen published.
Who is doing this? An angry teenager? Surely North Korea would be able to come up with a more prominent US bank to hit than US Bank? Then again, maybe not.
Korean police are reportedly investigating the incident. The FBI had no comment Tuesday.
[Attack site list]
Korean targets: Cheong Wa Dae (the Blue House), the Ministry of National Defense, the Ministry of Foreign Affairs and Trade, the Republic of Korea National Assembly, U.S. Forces Korea, Naver blog, Naver mail, Nonghyup internet banking, Shinhan Bank internet banking, Korea Exchange Bank internet banking, the Grand National Party, the Chosun Ilbo, and Auction.
banking.nonghyup.com (Nonghyup internet banking)
blog.naver.com (Naver blog)
ebank.keb.co.kr (Korea Exchange Bank internet banking)
ezbank.shinhan.com (Shinhan Bank internet banking)
mail.naver.com (Naver mail)
www.assembly.go.kr (Republic of Korea National Assembly)
www.auction.co.kr (Auction)
www.chosun.com (Chosun Ilbo)
www.hannara.or.kr (Grand National Party)
www.mnd.go.kr (Ministry of National Defense)
www.mofat.go.kr (Ministry of Foreign Affairs and Trade)
www.president.go.kr (Cheong Wa Dae, the Blue House)
www.usfk.mil (U.S. Forces Korea)
(Details may vary depending on the attacked site)
finance.yahoo.com
travel.state.gov
www.amazon.com
www.dhs.gov
www.dot.gov
www.faa.gov
www.ftc.gov
www.nasdaq.com
www.nsa.gov
www.nyse.co
www.state.gov
www.usbank.com
www.usps.gov
www.ustreas.gov
www.voa.gov
www.voanews.com
www.whitehouse.gov
www.yahoo.com
www.washingtonpost.com
www.usauctionslive.com
www.defenselink.mil
www.marketwatch.com
www.site-by-site.com
It looks like all the US Govt sites that stayed up were on Akamai, just check out their DNS records (nslookup or dig www.whitehouse.gov). I noticed that DOT wasn't at first when they went down, but was when they came back up. Seems like if you want to sustain a DDoS, you need to be calling those guys.
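The check the commenter describes (look at a site's DNS records to see whether it resolves through Akamai) can be scripted so it runs over the whole target list above. The script below is an added example, not code from the original post or its comments. It assumes `dig` is installed for live lookups, and it recognises a CNAME chain as Akamai-fronted when the target falls in one of Akamai's own zones (akamai.net, akamaiedge.net, akamaized.net, edgekey.net, edgesuite.net). The sample answer sections and the example.gov/example.net hostnames in it are constructed so the classifier can be exercised without network access.

```shell
#!/bin/sh
# Added example (not from the original post or its comments).
# Classify a host as Akamai-fronted from the CNAME chain that
# `dig +noall +answer <host>` prints. The zone names are real Akamai
# domains; the sample answer sections below are constructed.

AKAMAI_ZONES='akamai\.net|akamaiedge\.net|akamaized\.net|edgekey\.net|edgesuite\.net'

# classify_answer: read dig answer-section lines on stdin and print
#   akamai       - some CNAME target is in an Akamai zone
#   other-cname  - there is a CNAME chain, but not into Akamai
#   direct       - only A records, so no CDN is visible in DNS
classify_answer() {
    answer=$(cat)
    if printf '%s\n' "$answer" | awk '$4=="CNAME"{print $5}' \
            | grep -Eiq "($AKAMAI_ZONES)\.?$"; then
        echo akamai
    elif printf '%s\n' "$answer" | awk '$4=="CNAME"' | grep -q .; then
        echo other-cname
    else
        echo direct
    fi
}

# check_host: live lookup of one hostname (needs network and dig).
check_host() {
    dig +noall +answer "$1" | classify_answer
}

# Constructed sample answer sections for offline use.
SAMPLE_AKAMAI='www.example.gov. 300 IN CNAME www.example.gov.edgekey.net.
www.example.gov.edgekey.net. 60 IN CNAME e1234.b.akamaiedge.net.
e1234.b.akamaiedge.net. 20 IN A 203.0.113.10'

SAMPLE_DIRECT='www.example.net. 3600 IN A 198.51.100.7'

if [ "${1:-}" = "--live" ]; then
    # Usage: sh check_cdn.sh --live www.whitehouse.gov www.dot.gov
    shift
    for h in "$@"; do
        printf '%s\t%s\n' "$h" "$(check_host "$h")"
    done
else
    printf 'sample akamai: %s\n' "$(printf '%s\n' "$SAMPLE_AKAMAI" | classify_answer)"
    printf 'sample direct: %s\n' "$(printf '%s\n' "$SAMPLE_DIRECT" | classify_answer)"
fi
```

Run it with `--live` followed by hostnames from the list to see the current answer for each; without arguments it only classifies the constructed samples. A `direct` result means no CDN is visible in DNS, not that the site has no other protection, since anycast or on-premise scrubbing does not show up in a CNAME chain.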