Seoul (dpa) – Part of the computer virus that paralyzed the systems at South Korean banks and broadcasters came from an internet address in China, Seoul authorities were reported as saying Thursday.
A server at NongHyup bank was accessed by a Chinese internet protocol (IP) address, which generated malicious files, the watchdog Korea Communications Commission (KCC) was quoted as saying by Yonhap News Agency.
NongHyup was one of three leading banks that suffered the attack Wednesday, which stopped financial operations and also struck three major broadcasters at 2 pm (0500 GMT).
The KCC said a single entity was thought to be behind all six attacks.
It gave the IP address as 184.108.40.206, which IP-locating websites placed in central Beijing.
Police had said Wednesday that North Korea was being considered as a possible source of the attack.
The KCC said Thursday it was still keeping that option open, as well as mulling all possible scenarios, Yonhap reported.
South and North Korea have traded accusations of cyber attacks in recent years.
Tensions have been high on the Korean Peninsula since North Korea conducted its third nuclear test in February, which was followed by a tightening of international sanctions against Pyongyang.
North Korea has also issued threats against the South and its ally the United States, who started joint military drills around the peninsula this month.