Chinese address source of Korean cyberattack

A Chinese internet address was the source of a cyberattack on one of the South Korean companies hit in a massive computer shut-down that affected five other banks or media companies, initial findings have indicated.

It's too early to assign blame - internet addresses can easily be manipulated and disguised - but suspicion for this weeks shut-down quickly fell on North Korea, which has threatened Seoul with attack in recent days because of anger over UN sanctions imposed for its February 12 nuclear test.

Experts say hackers often attack via computers in other countries to hide their identities. South Korea has previously accused North Korean hackers of using Chinese addresses to attack.

The crash Wednesday caused computer networks at major banks and top TV broadcasters to crash simultaneously. It paralysed bank machines across the country and raised fears that this heavily internet-dependent society was vulnerable.

A Chinese address created the malicious code in the server of one of the banks, Nonghyup, where computers crashed, according to an initial analysis by the state-run Korea Communications Commission, South Korea's telecom regulator.

It is expected to take at least four to five days for the infected computers to recover fully.

Regulators have distributed vaccine software to government offices, banks, hospitals and other institutions to prevent more outages.

- AP