Linux Malware Used in Korean Cyber Attacks

Cyber attacks are becoming more common with each passing year. Since the advent of the internet, businesses across many sectors of the economy have digitized their operations. What used to be uncommon, however, was the specially targeted cyber attack: one that wreaks havoc on an organization's systems, robs people of its services and leaves the affected company without any means of defense.

The recent cyber attack on South Korea left everyone stunned and pointing fingers in every direction. On Wednesday, March 21st, 2013, South Korea suffered disruption from a cyber attack that left four banks and three television stations unable to function properly.

Security vendors scrutinized the attack and identified a piece of malware called Jokra. The range and scope of its destructive capability surprised many security professionals, who found that the malware could inflict damage in several different ways. One of the modes it used was to target Linux machines from within what was believed to be a Windows threat.
The presence of the Linux component was extremely interesting to some and was indicative of an extremely advanced attack. As cyber attacks push people to deploy more and stricter security measures, the attacks themselves are evolving to work their way through most defenses. This was evident here, since Jokra contained a Bash shell script that attempts to erase partitions on Linux, HP-UX and other similar Unix systems.

Security vendors such as Symantec were puzzled and commented that it is uncommon for them to see malware that can target multiple operating systems. Further data has also revealed that the malware was designed expressly to evade, break through or shut down South Korean antivirus products made by AhnLab and Hauri.
The malware was also analyzed and found to be able to overwrite the master boot record (MBR). During the cyber attack, random parts of the file system were overwritten as well, leaving many files irrevocably damaged and unrecoverable even if an effort is made to recover the computer's MBR.
However, the extensive code, its range of attack and the specific functions that made the attack possible have piqued the interest of many security vendors, including McAfee, Avast and Symantec, which are studying the attack closely to glean further details of interest.