http://english.chosun.com/w21data/html/news/200703/200703070023.html Mar. 7, 2007 Last June the phrase "Hero Gye-baek" was the most popular topic searched for on several Korean Internet portals. But who was Hero Gye-baek? He wasn't in the news, nor was he a celebrity. In fact, almost nobody knew what the words meant. And yet at its height tallies showed 1.6 million Hero Gye-baek searches were being done every day, far more than the normal 500,000 mark for other popular search terms and they were coming from thousands of different computers. Eventually the police launched an investigation. On Tuesday, a person named Baek who operated business "T" was arrested in Yeouido for criminally triggering the searches. Baek, police say, had infected computers with a malicious code that told the machine to automatically search for "Hero Gye-baek" whenever somebody logged onto the Internet. Baek was testing if search lists could be manipulated with the code, and eventually his criminal acts were uncovered. Baek had since April 2004 operated website "T" which provided television shows, movies, and radio. To access the service users had to download to their personal computers a program, but Baek's malicious code was hidden inside. The program changed Internet Explorer's start page to an advertisement site connected to an online shopping mall. Baek received a 0.2 to 2 percent commission from the online mall whenever netizens with Baek's code made purchases. In three years, Baek raked in W560 million (US$1=W948) in commissions. Meanwhile, infected users were unable to delete the program. Not only was there no automatic removal function, even if the original program was deleted the code could still manipulate the computer because it altered the machine's start-up system to prevent it being totally erased. More than a million personal computers were infected. The Cyber Terror Response Center of the National Police Agency arrested Baek and two other programmers on Tuesday. A police official said, "Because the malicious code was hidden in a regular program, netizens were unable to find the cause of their computer problems." Police advised people to check their computers regularly with software from reliable companies. _________________________________________ Visit the InfoSec News Security Bookstore http://www.shopinfosecnews.org
This archive was generated by hypermail 2.1.3 : Tue Mar 06 2007 - 22:22:20 PST