North Korean internet outages caused by lone US hacker seeking payback

February 3, 2022

A U.S. man has reportedly managed to single-handedly take down most of North Korea’s websites from the comfort of his living room after the hermit nation allegedly targeted him with a cyber attack last year.

The hacker, only identified by his handle P4x, took matters into his own hands after the U.S. government failed to provide help following the North Korean cyber attack in late January 2021, according to Wired.

Speaking to the media outlet, P4x recalled how a fellow hacker sent him an exploitation tool containing a “backdoor designed to provide a remote foothold on his computer.” The following day, he saw saw a report posted by the Google Threat Analysis Group on Jan. 25, 2021. He used his new tool and discovered that North Korea had targeted his computer. Although he reported the incident to the FBI, the bureau allegedly failed to provide help and open an investigation into the attack. “There’s really nobody on our side,” P4x said about the situation at the time.

However, P4x took matters into his own hands when he did not hear any statements from the federal government for a year.

The American hacker reportedly targeted North Korea’s internet throughout the past two weeks. Some of the websites that suffered intermittent outages include the Air Koryo booking site and Kim Jong-un’s government’s official portal, Naenara.

“It felt like the right thing to do here. If they don’t see we have teeth, it’s just going to keep coming,” P4x told Wired. “I want them to understand that if you come at us, it means some of your infrastructure is going down for a while.”

P4x reportedly took advantage of the vulnerabilities he discovered in North Korea’s internet and automated several “Denial of Service” (DoS) attacks. A DoS is a type of cyber attack that forces a network to become inaccessible by inundating the target with traffic or exploiting vulnerabilities that trigger a crash.

Junade Ali, a cybersecurity researcher, was observing the “mysterious, mass-scale attacks on the country’s internet” and told Wired that P4x’s attacks had effectively taken out all of the websites hosted in North Korea throughout various periods. To learn more about Cybersecurity just go to Nettitude website.

P4x told Wired that he considers his attacks to be similar to a “small-to-medium pentest (penetration test),” a type of whitehat hacking activity he has done for previous clients who need to identify the vulnerabilities of their networks.

“It’s pretty interesting how easy it was to actually have some effect in there,” he said.

While P4x mentioned that North Korea has vulnerabilities in its network, the hacker declined to name any specifics, arguing that doing so could assist North Korea in finding ways to strengthen its cyber defenses.

Martyn Williams, a 38 North Project researcher, noted that dozens of the websites P4x constantly targets are mainly “used for propaganda and other functions aimed at an international audience.” But Williams argued that the hackers who attacked P4x last year were probably operating overseas, most likely in China.

“I would say, if he’s going after those people, he’s probably directing his attentions [sic] to the wrong place,” Williams said. “But if he just wants to annoy North Korea, then he is probably being annoying.”

P4x plans to go even bigger by enlisting “more hacktivists to his cause with a dark website he launched Monday called the FUNK Project — i.e. ‘FU North Korea.’”

“This is a project to keep North Korea honest,” the website states. “You can make a difference as one person. The goal is to perform proportional attacks and information-gathering in order to keep NK from hacking the western world completely unchecked.”

Featured Image via Getty Images / Dmitry Nogaev

Share this Article