There has been a lot of reporting on the South Korean attacks on financial institutions and the media industry. Below is a comment from Jaime Blasco, Labs Director, AlienVault, on how the wiper malware works and how the attackers may have gained access to the affected networks.
During the day I’ve been thinking about what has just happened in South Korea. Earlier today we published a quick blog post about how the wiper payload works (http://labs.alienvault.com/labs/index.php/2013/information-about-the-south-korean-banks-and-media-systems-attacks/). It is a very simple piece of code that overwrites the MBR (Master Boot Record), making the affected system unable to start after reboot.
- Jaime Blasco, Labs Director, AlienVault
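
A defender's triage check for the condition described above, as an added example that is not part of the original comment or AlienVault's code: it inspects a 512-byte image of sector 0 for a missing boot signature, an unusable partition table, and a repeating fill pattern. The sample sectors and the `WIPED!` filler string are constructed for illustration and are not taken from the incident.

```python
import struct

SECTOR_SIZE = 512
TABLE_OFFSET = 446             # four 16-byte partition entries start here
BOOT_SIGNATURE = b"\x55\xaa"   # last two bytes of a valid MBR

def parse_partitions(sector):
    """Return (slot, status, type, lba_start, sector_count) for each used slot."""
    used = []
    for slot in range(4):
        raw = sector[TABLE_OFFSET + 16 * slot:TABLE_OFFSET + 16 * (slot + 1)]
        status, ptype, lba_start, count = struct.unpack("<B3xB3xII", raw)
        if ptype != 0:  # type 0x00 marks an unused slot
            used.append((slot, status, ptype, lba_start, count))
    return used

def fill_period(sector, max_period=64):
    """Length of the shortest pattern repeated across the whole sector, or None."""
    for p in range(1, max_period + 1):
        if all(sector[i] == sector[i % p] for i in range(len(sector))):
            return p
    return None

def assess_mbr(sector):
    """Map finding code -> detail for one 512-byte image of sector 0."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly 512 bytes")
    findings = {}
    if sector[510:512] != BOOT_SIGNATURE:
        findings["no-boot-signature"] = sector[510:512].hex()
    parts = parse_partitions(sector)
    if not parts:
        findings["empty-partition-table"] = "all four slots unused"
    bad = [slot for slot, status, *_ in parts if status not in (0x00, 0x80)]
    if bad:  # the status byte may only be 0x00 (inactive) or 0x80 (bootable)
        findings["bad-status-flag"] = bad
    period = fill_period(sector)
    if period is not None:  # real boot code is never one short repeated pattern
        findings["repeating-fill"] = period
    return findings

# Constructed samples (not taken from the incident).
_boot_code = bytes((i * 7 + 3) % 251 for i in range(TABLE_OFFSET))
_entry = struct.pack("<B3xB3xII", 0x80, 0x07, 2048, 204800)
HEALTHY = _boot_code + _entry + bytes(48) + BOOT_SIGNATURE
OVERWRITTEN = (b"WIPED!" * 86)[:SECTOR_SIZE]  # placeholder filler string

if __name__ == "__main__":
    print(assess_mbr(HEALTHY), assess_mbr(OVERWRITTEN))
```

An empty result only means the sector is structurally valid; it does not show that the boot code itself is unmodified.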