SEOUL, May 3, 2011 (AFP) - North Korea was to blame for a cyber-attack that paralysed operations at one of South Korea's largest banks last month, prosecutors said Tuesday.
The North brought down the computer system of the National Agricultural Cooperative Federation, or Nonghyup, by hacking into a laptop of a computer security official and making it into a "zombie computer" operated remotely, the Seoul prosecutors' office said.
"This was unprecedented cyber-terror deliberatedly planned and premeditated... and involving North Korea," it said in a statement.
The attack left thousands of customers unable to access their money for three days.
The pattern used to spread malicious codes and the IP address of an overseas server used for the attack were identical to those used in previous cyber-attacks by the North, the prosecutors' office said.
Seoul accused Pyongyang of staging cyber-attacks on websites of major South Korean government agencies and financial institutions in March this year and in July 2009.
The 2009 attack also temporarily shut websites in the United States, but US officials reached no conclusion on who was responsible.
Those distributed-denial-of-service attacks used viruses planted in "zombie" computers which sought simultaneous access to selected sites and swamped them with traffic.
"The laptop computer of the IT security worker became in September 2010 a zombie PC operated by the North, which... later remotely staged the attack through the laptop," said the prosecutors.
The aim was to wipe out all data in Nonghyup's computer servers, they said, without giving any reason why the North would stage such an attack.
Experts say the North maintains elite hacker units and the South is setting up a specific military command to combat them.
"This was such a strong terror attack that it prompted the shutdown of servers to fend off further damage," said the statement.
The system crash that started on April 12 left Nonghyup customers unable to withdraw or transfer money, use credit cards or take out loans.
Nonghyup, which has about 5,000 branches, said earlier it suspected the problem was caused by cyber-attackers, who entered commands to destroy servers and wipe out some transaction histories.
Services were partially restored after three days. Around 310,000 customers filed complaints.
The attack also temporarily deleted records of some of Nonghyup's 5.4 million credit card customers, leaving the firm unable to bill customers or settle payments to retailers.