South Korean law enforcement is warning computer users against downloading uncertified online gaming programs, according to local media.
The National Police Agency said Tuesday that some of the games may have been developed in North Korea and could contain malware that could be used in a cyber attack against the South.
The malware may collect location data and IP addresses and transmit them. The infected computers could also be used to launch distributed denial of service attacks, which use multiple computers to make millions of requests to websites and networks in an attempt to overwhelm their capacity to distribute information.
Matthew Aid, an independent intelligence analyst, called the reports “incredible.”
“What the North Koreans are doing is something akin to a honey trap for techno-crazed South Koreans,” he said. “No teen will ever pass up an offer for free games online.”
A study conducted in 2009 by the Korea Creative Content Agency concluded that about 7 percent of the nation's primary and secondary schoolchildren are addicted to computer games.
Aid added that it was concerning that “Norton Anti-Virus or the other forms of computer security systems in use in South Korea apparently are not detecting the presence of malware in the game programs being downloaded.”
“I wonder how that is possible. Are the North Korean viruses that sophisticated, or is the current generation of commercial computer security software that far behind the threat?” he said. “The answer may be both, which is really scary.”
North Korea has successfully used games to distribute malware. In June of last year, infected games delivered malware to computers which then launched a denial of service attack on Incheon Airport.
"The use of game applications to carry a malicious payload [malware] is not new, criminal entities do this regularly. North Korea can acquire it from any number of criminal entities or roll-their-own," said Christopher Burgess, CEO of Prevendra, Inc., a privacy, intelligence and security entity. "South Korea commercial or government entities have every reason to be wary of a DDOS attack and/or malicious code attempting to exfiltrate commercial or governmental secrets. The bar to entry is not high for any entity, let alone an entity such as North Korea who can devote significant resources to buy or build."
Last March, Seoul also blamed North Korea's military spy agency for a cyber attack that affected 48,000 computers and servers, stalling operations at three top South Korean broadcasters and hampering financial services at banks for several days. Another attack in July was also blamed on Pyongyang.
North Korea is believed to have an elite cyber warfare unit that was suspected of being behind computer attacks on South Korean government agencies and financial institutions in 2009 and 2011.
Pyongyang denies the accusations. It accused the U.S. and South Korea of shutting down some of its own websites in March.