Even my mom practices tighter internet security than what appeared to be North Korea’s version of Facebook.
Late last May, an unusual clone of Facebook emerged on the internet which appeared to be hosted in North Korea. The site using the URL starcon.net.nk caught the attention of internet traffic analysis company Dyn for being one of the few websites to use the nk domain.
Its top page looked nearly identical to Facebook but showed no name simply reading “welcome to our social network” and having a button labelled “Facebook.”
North Korea set up a Facebook clone, had it hacked, and shut it down all in 5 days.https://t.co/8JWWtjUF3L #dnaTech pic.twitter.com/hhpEjbLdGm
— DNA (@dna) June 1, 2016
Dyn researcher Doug Madroy, Motherboard writer Jason Koebler, and a few others took the opportunity to create accounts and friend each other on this virgin social network with a privacy policy explaining the meaning of “lorem ipsum.”
However, the actual nature of starcon.net.nk is unknown. Could it be that North Korea was planning to create its own social networking system and accidentally made it global or was an outsider trying to subvert the nation by allowing its citizens access to the outside world? Starcon is the name of a South Korean website design company but it is unclear if there is any connection.
US-China 'War of Clones' - #China's clone, #NorthKorea opens and shuts its own #StarCon website - a @Facebook clone pic.twitter.com/qfcjCcjO6r
— NS Arvind (@nsarvind123) June 7, 2016
While those questions were freshly hanging in the air, someone had already hacked into starcon.net.nk. Andrew McKean, a student from Scotland, cracked the website’s defenses by typing in “admin” and “password” in the ID and password fields. “Was easy enough,” said McKean in an interview with Motherboard.
McKean learned the software phpDolphin, which was used to create starcon.net.nk, uses “admin” and “password” by default. He then gave it a try and gained full access to the site with the powers to ban users, view their email, and watch site statistics. Moreover, he discovered what might have been the site’s true name: “Best Korea’s Social Network.”
Readers of the news in Japan had this to say:
“That is funny.”
“I don’t think we can laugh, a lot of people in Japan do that too.”
“This would make a great case study for beginner web designers.”
“ID: admin, Password: password… hahaha!”
McKean didn’t do much with the site while behind the scenes simply leaving the message: “Uh, I didn’t create this site, just found the login.” He didn’t have a chance to do anything more as starcon.net.nk was closed shortly after, leaving as mysteriously as it came.
In the end it would appear that someone was testing out Best Korea’s Social Network so we may not see the last of it. If it does pop back into the world I have a sneaking suspicion that “ID” and “12345678” might be the updated administrator login.
Source: Motherboard 1, 2 (English), Rumors, Hachima Kiko (Japanese)
Top Image: RocketNews24
Leave a Reply