U.S. hacker takes down North Korea's internet after they hacked him

An independent security researcher who goes by “P4x” says he is the individual behind cyberattacks that have taken many of the isolated nation’s websites offline over the past two weeks

February 5, 2022 8:43am

Updated: February 7, 2022 1:25pm

A lone U.S.-based hacker shut down large parts of North Korea’s internet in retaliation for the country's hackers targeting him last year and to express frustration at the lack of any visible response by the U.S. government, according to a report in Wired magazine.

An independent security researcher who goes by “P4x” says he is the individual behind cyberattacks that have taken many of the isolated nation’s websites offline over the past two weeks. He verified his identity and actions to Wired with screenshots but asked not to be named, fearing prosecution or retaliation.

P4x was the victim of a North Korean hacking campaign in January 2021 that targeted Western security researchers to steal their hacking tools and any software vulnerabilities. He prevented the spies from stealing any data by opening the compromised file in a virtual machine, which is quarantined from the rest of his system, but was “shocked and appalled” that he had been personally targeted by the North Korean government.

But the hacker was disappointed by the U.S. government’s public silence over a foreign nation targeting American researchers, saying it began to feel like “there’s really nobody on our side.” He was contacted by the FBI, but said he was not offered any help, and never saw any consequences for the North Korean hackers who targeted him. He was disappointed when he never saw any news of an impending investigation, or even formal recognition by a U.S. agency that North Korea was responsible.

After a year simmering in resentment, P4x decided to act on his own.

“It felt like the right thing to do here. If they don’t see we have teeth, it’s just going to keep coming,” the hacker said.

P4x told Wired the attacks are largely automated, periodically detecting and targeting the critical systems that are up. He likened the process to a small-to-medium “pentest,” or penetration test, which whitehat hackers use to test clients’ systems for vulnerabilities.

“It's pretty interesting how easy it was to actually have some effect in there,” P4x said, describing North Korea's Red Star OS operating system as an old version of Linux.

Some experts have noted that North Korea’s hackers are likely based in other countries, such as China. P4x responded that he considered “annoying the regime” a success because the vast majority of North Korea’s population, which does not have internet access, was never the target.

“I definitely wanted to affect the [North Korean] people as little as possible and the government as much as possible,” P4x told Wired. He attributes “insane human rights abuses and complete control over their population” to the government.

But P4x reiterated that his hacktivism was also meant to send a message about his own government’s lack of response to state-sponsored cyberattacks against its own citizens.

“If no one’s going to help me, I’m going to help myself,” he said.

The North Korean regime engages in cyberattacks for national security reasons, but also economic ones. Hacking has become a lucrative, unregulated source of income for the cash-strapped state, which reportedly stole almost $400 billion in cryptocurrency last year.