SEOUL, South Korea — The hackers who knocked out tens of thousands of South Korean computers simultaneously this year are out to do far more than erase hard drives, cyber-security firms say: They also are trying to steal South Korean and U.S. military secrets with a malicious set of codes they've been sending through the Internet for years.
The identities of the hackers, and the value of any information they have acquired, are not known to U.S. and South Korean researchers who have studied line after line of computer code. But they do not dispute South Korean claims that North Korea is responsible, and other experts say the links to military spying add fuel to Seoul's allegations.
Researchers at Santa Clara, Calif.-based McAfee Labs said the malware was designed to find and upload information referring to U.S. forces in South Korea, joint exercises or even the word "secret."
McAfee said versions of the malware have infected many websites in an ongoing attack that it calls Operation Troy because the code is peppered with references to the ancient city. McAfee said that in 2009, malware was implanted into a social media website used by military personnel in South Korea.