Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

A mistake allowed us a peek into North Korea Internet infrastructure

A mistake allowed us a peek into the North Korea Internet infrastructure, a security researcher discovered that Pyongyang has just 28 websites. The North Korea is one of the countries that most of all is investing to improve its cyber capabilities and that has one of the largest cyber armies. But North Korea is also known for […]

A mistake allowed us a peek into North Korea Internet infrastructure

A mistake allowed us a peek into the North Korea Internet infrastructure, a security researcher discovered that Pyongyang has just 28 websites.

The North Korea is one of the countries that most of all is investing to improve its cyber capabilities and that has one of the largest cyber armies.

But North Korea is also known for its limited exposure on the Internet, it fears cyber attacks from foreign Governments against its infrastructure.

Until today no one had any idea of the number of websites registered by the country for its top-level domain, .kp.

This week something is changed, likely due to an error in the configuration of a North Korean nameserver. The apparent mistake has revealed a list of all the domains for the top-level domain .kp and related info.

According to leaked zone files, the North Korea has only 28 registered domains

“Now we have a complete list of domain names for the country and it’s surprisingly (or perhaps unsurprisingly) very small,” Matt Bryant, the expert who has found the mistake, said to Motherboard

After Bryant discovered the mistake, he downloaded the data from the domain name servers.

Some of the sites in the list are not reachable, experts speculated that they were flooded with the traffic of curious netizens and went down.

North Korea Internet

The list of domains includes commercial and educational websites like the one of the state Air Koryo airline or the Kim Il Sung University.

The leaked info also revealed the site of the official newspaper of North Korea’s communist party which is considered the core of the Government propaganda machine.

North Korea Internet

The leaked list also includes a social network website, the state version of Facebook, friend.com.kp.

North Korea Internet

and portal.net.kp that is the equivalent of the Yahoo.

Below the complete list:

  • airkoryo.com.kp
  • cooks.org.kp
  • friend.com.kp
  • gnu.rep.kp
  • kass.org.kp
  • kcna.kp
  • kiyctc.com.kp
  • knic.com.kp
  • koredufund.org.kp
  • korelcfund.org.kp
  • korfilm.com.kp
  • ma.gov.kp
  • masikryong.com.kp
  • naenara.com.kp
  • nta.gov.kp
  • portal.net.kp
  • rcc.net.kp
  • rep.kp
  • rodong.rep.kp
  • ryongnamsan.edu.kp
  • sdprk.org.kp
  • silibank.net.kp
  • star-co.net.kp
  • star-di.net.kp
  • star.co.kp
  • star.edu.kp
  • star.net.kp
  • vok.rep.kp

Now just for a second try to think if the North Korean Government will host an exploit kit leveraging on a zero-day exploit on one of the above domains 🙂

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – North Korea Internet, DNS)