FYI.

This story is over 5 years old.

Tech

North Korea’s Government Sanctioned Operating System Can Be Hacked Remotely

Another day, another Red Star OS vulnerability.

Today a group of hackers found a new vulnerability in Red Star OS—North Korea's government sanctioned operating system—which allows it to easily be hacked remotely.

The hermit kingdom's linux-based OS has never exactly been known for its security features and significant vulnerabilities have been exposed on numerous occasions since it leaked to the rest of the world last year. The latest vulnerability, exposed by the information security company Hacker House "to mark Red Star's anniversary leak," allows a hacker to remotely access users' computers simply by getting them to click on a hyperlink.

Advertisement

The third and latest version of Red Star OS comes with a modified Firefox web browser called Naenara, as well as a number of other bizarre features such as a wine wrapper that allows users to run Windows 3.1 applications. According to Hacker House, it was the "trivial remote exploit attack vectors" contained in Naenara that allowed the hackers to do their thing.

Specifically, the Hacking House hackers exploited a certain application that handles uniform request identifiers (URI), which is a way of naming resources in a network (web addresses are a type of URI, for example). In particular, Hacking House cited the 'mailto' URI request that is used for email as a weakness in the Naenara system because it doesn't wipe the request from the application's command line. This allowed the hackers to "trivially obtain code execution" by simply injecting malware links into the command line.

The end result on the user side is a normal looking web link that points to 'mailto.cmd.' When the mail client opens up the link, it allows hackers to remotely execute arbitrary commands on the user's computer.

One can only wonder if at least part of the reason the North Korean government maintains its stranglehold on internet access is because it's simply embarrassed by its information security protocols—or rather, the lack thereof.