How a Hacker Named P4x Took Down North Korea’s Internet

A North Korean hacker silhouetted against the North Korean flag
Getty Images

Score one for the little guys. When an American security researcher — who goes by the handle P4x — got hacked by North Korea, the United States Government took little notice. To send a message, P4x wrote some code to take down North Korea’s internet. As Andy Greenberg reports in this fascinating story at Wired, North’s Korea’s internet presence is small, amounting to only a few dozen sites online.

P4x says he’s found numerous known but unpatched vulnerabilities in North Korean systems that have allowed him to singlehandedly launch “denial-of-service” attacks on the servers and routers the country’s few internet-connected networks depend on. For the most part, he declined to publicly reveal those vulnerabilities, which he argues would help the North Korean government defend against his attacks.

After P4x discovered North Korea’s vulnerabilities, he wrote a script to automate his attacks, which included denying access to email and other internet-based services. Not bad for a guy “in a T-shirt, pajama pants, and slippers, sitting in his living room night after night, watching Alien movies and eating spicy corn snacks—and periodically walking over to his home office to check on the progress of the programs he was running to disrupt the internet of an entire country.”

Those relatively simple hacking methods have had immediate effects. Records from the uptime-measuring service Pingdom show that at several points during P4x’s hacking, almost every North Korean website was down. (Some of those that stayed up, like the news site Uriminzokkiri.com, are based outside the country.) Junade Ali, a cybersecurity researcher who monitors the North Korean internet, says he began to observe what appeared to be mysterious, mass-scale attacks on the country’s internet starting two weeks ago and has since closely tracked the attacks without having any idea who was carrying them out.

Read the story