On Tuesday a Vietnamese security company Bach Khoa Internetwork Security reportedly identified the IP address of the master server that directed the attacks from North Korea against targets in the U.S. and South Korea.
The IP (Internet Protocol) address is alleged to belong to Global Digital Broadcast, an IP TV technology company based in Brighton, England. According to a spokesman for Global Digital Broadcast, the server is in Miami.
The machines used in the attack are reported to be 166,908 compromised machines located in 74 countries. These computers that get their instructions from eight command-and-control servers.
The Vietnamese security company was able to analyze data supplied by South Korean Computer Emergency Response Team to identify and seize two of the command-and-control servers. By analyzing log files from those servers they were able to identify the IP address of the master server.
Investigators believe discovery of the master server moves them closer to discovering the perpetrators and shutting down the botnet.
