South Korean high profile businesses, banks and news organisations have lost critical data by an attack involving a new piece of complex crafted malware .
Major banks NongHyup and Jeju said malware destroyed computer files.and cut internet connections, The New York Times reported.
Computers at KBS and MBC television stations froze and the former's website crashed.
Symantec researchers said the Jokra trojan had erased the data. They said it overwrote master boot record (MBR) and all data stored on it, repeating the wiping process across all drives attached or mapped to the compromised computer.
It also erased data across Linux machines.
Symantec said the trojan was not related to the Shamoon data-wiping malware that targeted the energy sector in the Middle East last August.
Researcher Satnam Narang said the attacks were aimed at destruction, not espionage.
“This is a different scenario, where you aren't having data extracted,” Narang said. “This is destroying data simply for the purpose of destroying it.
The security firm suggested the attacks could be state sponsored or launched by “nationalistic hacktivists taking issues into their own hands”, pointing to tensions between North and South Korea.
Both North and South Korean networks suffered black outs during the attacks yesterday, according to Internet monitoring firm Renesys.
The Korea Broadcasting System lost five networks, Yonhap News lost two, while further network disruptions hit Korea Gas Corp, the world's largest liquefied natural gas importer, and Shinhan Bank.
Between Monday and Tuesday, the firm also noted a rare spike in network disruptions in North Korea.
“On Monday and [Wednesday] morning, we observed outages lasting for just a few minutes in North Korea,” Renesys said.
“It should be noted that although North Korea's internet is small, it is very stable. Until last week, North Korean outages had been very rare.”