South Korea's communications regulator has admitted that it falsely implicated a Chinese IP address in Wednesday's cyber attack on eight major businesses.
In a statement today, the Korea Communications Commission (KCC) said that an IP address involved in the attack, which caused the IT systems of various banks, insurers and TV broadcasters to crash spontaneously, was coincidentally identical to one assigned to China.
In fact, it was the IP address of a computer owned by NongHyup bank, one of the affected companies.
The KCC said the country's National Police Agency has confiscated the compute for investigation, Yonhap news agency reported.
The regulator has not ruled out any possibilities as to the perpetrator of the attack and is undergoing a process to track down all potential sources, the news agency said.
On Thursday, the KCC said it thought a server with a Chinese IP address had accessed one of the South Korean bank's servers and injected malware.
The link to China had bolstered speculation that North Korea had a hand in the attack.
"The North has used Chinese IPs for cyber attacks in the past", Yonhap news claimed yesterday. It quoted an unnamed official as saying that while the South Korean government had not completed its investigation, it had a "strong suspicion" that North Korea was involved in the attack.
A group hackers calling themselves "Whois Team" had claimed responsibility for the attack on social networks.
KCC said today that unlike the two other banks affected by the attack, NongHyup is still in the process of recovering its systems.