Report: Virus That Struck Sony Wasn't Very Complex
While the Sony hack attack has been among the most scandalous and resounding in recent memory, new reports suggest that the malware used to infiltrate the company’s computer systems was both highly unsophisticated and likely festered -- undetected -- in its mainframe for months.
Bloomberg reports that the virus -- dubbed WIPALL by software security developers -- features a time bomb-like deployment structure, which spent months hoarding Sony passwords and mapping its network before, finally, wiping out all data in a matter of 10 minutes.
After that 10-minute countdown was activated, victims were greeted by this ominous screenshot featuring a red skeleton and a list of threats and demands, according to Trend Micro, a Tokyo-based security software firm that studied a copy of the virus.
Users were then instructed to post their email addresses on Facebook and Twitter alongside this sentence: “Thanks a lot to God’sApstls [sic] contributing your great effort to peace of the world.”
Hackers have already released nine batches of data -- and are promising even more come Christmas.
As for further proof that the world’s biggest corporations are mostly powerless before an ever-growing flood of cybersecurity threats? The virus that targeted Sony is “available on the black market and can be used without a high level of technical sophistication,” according to Bloomberg.
Bloomberg notes that WIPALL was “coded in a Korean language environment” and is similar to a virus that struck South Korean banks and media companies in 2013. And the FBI officially confirmed this morning that the North Korean government was behind the attack in light of The Interview, a Sony film depicting an assassination plot against Kim Jong-un.
President Obama will host a press conference this afternoon to discuss potential responses to the attack.