South Korean Malware Attack

Overview

Reporting and technical details surrounding the malware used in the March 20, 2013, attack on South Korean assets have been varied and inconsistent. This paper outlines the attack's common attributes, gives guidance to U.S. Cricital Infrastructure and Key Resource owners and operators, and lists defensive measures against the DarkSeoul malware.