North Korea attacks a US hacker. So he shuts down the whole country’s internet

Revenge is a dish best eaten big.
Ameya Paleja

A U.S. hacker, known by his alias P4x, has claimed responsibility for shutting down the internet in North Korea, Wired reported. Although the country is roughly the same size as the state of Mississippi, it has no more than a few dozen websites largely aimed at distributing state propaganda to the international audience. 

Over the years, hackers, who are usually associated with bad things on the internet, have donned the role of activists as well. In this new avatar, they speak truth to power, expose the facts and even attempt to stop army buildup near borders amid escalating tensions. P4x's reasons don't take the moral high ground but are simple: they're personal.

In January 2021, P4x received a file that a fellow hacker claimed to be an exploitation tool that could aid him in his projects. Just 24 hours later, P4x came across a blog post on Google saying that North Korean hackers were targeting U.S. security researchers. The file that was sent to him contained a backdoor exploit to take control of his computer. Luckily, P4x opened the file on a virtual machine that protected his computer system from the exploit, but it was clear that the North Korean state had targeted him.

P4x was contacted by the Federal Bureau of Investigation (FBI) seeking details about the attack and the extent of its damage but wasn't offered any protection against similar attacks in the future. A year went by, and P4x did not hear of action taken against the North Korean hackers or even formal acknowledgment of the attack from the U.S. state, so he decided to take the matter into his own hands. 

In screen recordings shared with Wired, P4x demonstrated how he had found numerous vulnerabilities in software used by North Korean systems. By launching attacks against the vulnerabilities, P4x was easily able to overwhelm the websites and knock them offline, single-handedly creating a denial-of-service attack. Most of P4x's attacks were automated, and they helped him identify more vulnerabilities in the system that he could exploit further down the line.

Using an uptime-measuring service called Pingdom, Wired confirmed the timings of P4x's attacks and the downtime of the websites: major routers went down soon after the attacks, taking down email and other internet-based services along with the websites. P4x does not want to publicly list these vulnerabilities, since doing so would make it easier for North Korea to fix them.

According to Wired's report, only a small fraction of North Koreans can access the internet, with most people able to access only the local intranet. So P4x's attacks haven't troubled everyone in North Korea, only a few officials from the current regime, which is a result P4x is quite happy with. He wants to take this a step further by putting together a group of hacktivists that will further sharpen their attacks on North Korea and steal more information from North Korean websites, Wired reported.

However, his attacks are also a swing at the U.S. government, which has done little to protect individual white hat hackers like him. His attacks might also be disrupting intelligence efforts the U.S. government and its allies might be running, some experts told Wired.
