U.S. and South Korean agencies are still scratching their heads trying to track down the perpetrators of the widely publicized July 4 attacks. South Koreans were quick to point the finger at North Korea or “North Korean sympathizers”, but as yet no concrete proof has emerged. The botnet infected 50,000 computers and then launched a DDoS (distributed denial of service) attack on government web servers in South Korea and the United States, crippling them.
Because of the nature of the attacks, analysts say they could have originated anywhere in the world.
“The truth is, we may never know the true origin of the attack unless the attacker made some colossal blunder,” said Joe Stewart, a director in the Counter Threat Unit at SecureWorks, a computer security consulting organization.
What researchers have determined is that the code of the attacking program was not very sophisticated and could have been written by an amateur. They are hoping that the creators of the botnet left a fingerprint trail that will lead investigators to them. Even if they are able to determine the country of origin, however, that origin could itself have been masked. Ultimately, they may have to rely on the arrogance that typically characterizes villains: that they will boast about their accomplishments.