Posted on 08/07/2011 4:45:03 AM PDT by TigerLikesRooster
35m Cyworld, Nate users’ information hacked
2011-07-28 18:29
SK Communications Co. said on Thursday that personal information of its 35 million online users has been hacked, marking South Korea’s worst online security breach and sparking fears that the leak could lead to massive online and voice scams in coming weeks.
“The company has confirmed that a leak of customers’ information has taken place due to hacking on July 26,” SK said in a statement. “The specific scale of the hacking is still being investigated, but it is estimated that some of the personal information of 35 million Nate and Cyworld members have been leaked.”
Nate is the country’s third-most visited Web search engine and Cyworld is the biggest social networking site with 25 million users, which accounts for half of the South Korean population.
SK Communications, which runs Nate and Cyworld, is a unit of the SK Group whose affiliates include top mobile operator SK Telecom.
Police said they would launch an investigation into the hacking incident at SK. The Cyber Terror Response Center, a police division dealing with crimes in cyberspace, is expected to identify who committed the hacking.
SK Communications said the hacking originated from a malicious code in China, an allegation that has yet to be verified by police investigation.
The hacking of the country’s major website comes after a host of Korean online firms suffered from similar cyber attacks amid heightened worries over lack of security protection. A vicious cyber attack paralyzed the computer system of the National Agricultural Cooperative Federation, or Nonghyup, in April and 18 million users of Internet Auction Co., a unit of U.S.-based eBay Inc. had to change their password due to a security breach in 2008.
The latest hacking involves SK users’ names, phone numbers, email, resident registration numbers and passwords. SK Communications said the members’ password and resident registration numbers are protected through high-level encryption, but plan to set up a hotline for handling the hacking incident to stem secondary damage in the form of voice phishing and spam mail.
As with previous hacking incidents, Cyworld and Nate members are likely to receive more spam messages or fake calls from phishing firms.
ESTsoft was ‘host’ of massive cyber caper
Hacker used software maker’s server for historic attack
August 06, 2011
A company tasked with promoting the safe and convenient use of computers was revealed as the “host” of the worst hacking case in Korean history, raising red flags in the industry and among Internet users.
The National Police Agency said late Thursday that the server of ESTsoft, a software provider, was likely used by an unidentified hacker in last week’s attack on the popular Web sites of SK Communications. The attack resulted in the theft of personal information of 35 million Koreans who use Nate, the Web portal and Cyworld, the social networking service.
The hacker is thought to have broken into ESTsoft’s antivirus programs on SK Communications PCs and implanted malicious code, the agency said. The code paralyzed the affected PCs, giving the hacker free access to user data, it added. While most Koreans have not heard of ESTsoft, many are familiar with its programs, which include AlTools and AlZip.
AlTools is used by 25 million Koreans. The antivirus software AlYak is included in AlTools and is the second-most downloaded antivirus software after V3 of AhnLab, the country’s top provider of online security software.
“It is very unlikely that ESTsoft will become the suspect,” an official with the agency said. The investigation is expected to be completed later this weekend.
Still, this has prompted other Web portals to take action. NHN, the operator of Korea’s No. 1 Web portal, ordered its employees to delete ESTsoft’s programs, sources said yesterday.
Officials with Daum Communications also said that “after the hacking accident into SK Communications, we have checked the PCs of all employees and are continuing to monitor them.”
Korean Internet users were distressed that a company that develops antivirus software was used as a host in a cyber attack.
“This is unimaginable,” one online user wrote in an online community that opened last week to garner support for a class lawsuit against SK Communications. “How can a company that makes vaccine software be this vulnerable?” It counts 41,000 people as members.
An official with the National Police Agency said Thursday, “we are not certain at this point whether there is also damage to average users [of AlTools] or if the attack only targeted in-house PCs of SK Communications.”
ESTsoft and the government are advising people to download the security updates. Shortly after the police initiated a search on Thursday morning, the company began offering the update on its site (www.estsoft.co.kr).
User complaints are mounting. On Thursday, a man filed a damage suit against SK Communications demanding 3 million won ($2,824) in compensation for the leak of his personal information, according to Seoul Central District Court. On Monday, a similar suit was filed against the company, and observers expect more.
Meanwhile, a site set up by the Korea Internet Security Agency (KISA) to check if personal information was stolen experienced connection problems yesterday. KISA said the number of visitors to its Web site has increased six-times since the SK Communications hacking incident last Thursday.
By Kim Hyung-eun [hkim@joongang.co.kr]
P!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.