New details have emerged about the hacking attack against Sony Pictures Entertainment, the motion picture studio which last week came under a withering digital siege that investigators say may have originated from North Korea.
Late Monday the FBI issued a confidential five-page warning to U.S. businesses concerning malicious software, or malware, used to carry out destructive attacks. The warning did not name Sony as a victim of the malware, though it is said to be a direct response to the breach at that company.
The full text of the warning could not be obtained, but Re/code sources who have seen it shared some of the FBI's observations:
One primary feature of the malware is that it wipes the hard drives of targeted systems. This is at minimum a strong indication of North Korean involvement. Previous attacks attributed to North Korea, including one last year against TV networks and banks in South Korea, have often included wiping software that destroys all data stored on the system.
The malware's creator used the Korean language pack in Microsoft's Windows. Perhaps another hint pointing in North Korea's direction, but not definitive either. However the software was written in such as way as to execute its functions without regard to the languages in use on the system being attacked.
The attackers apparently used compromised computers in Thailand, Italy and Poland to carry out the attacks. The FBI's warning says these systems belonged to parties unrelated to the attackers or the victim.