SEOUL, South Korea – South Korean investigators say they were wrong when they identified a Chinese Internet address as the origin of a cyberattack that paralyzed tens of thousands of computers at six South Korean companies this week. But they still believe the attack originated from somewhere abroad.
Seoul’s Korea Communications Commission said today that an Internet Protocol address linked to Wednesday’s attack actually belonged to a computer at one of the South Korean companies that were hit.
Commission officials say the IP address was used only for the company’s internal network and was identical to a public Chinese address.
Investigators say an analysis of malware and servers indicates the attack was likely orchestrated from abroad. They didn’t elaborate.
Experts in Seoul suspect Pyongyang of orchestrating the attack. The investigation will likely take weeks.