Default password helped British teen hack into North Korea’s Facebook clone StarCon
It was recently revealed that North Korea has its own version of Facebook social media website, apparently installed by the state-run Internet service provider. However, this clone set up in North Korea has already been hacked.
While North Korea is known for its strict censorship of the internet with most citizens unable to access the web, the website appears to be hosted from within North Korea, according to an internet analysis company that traced the siteโs DNS to the notoriously isolated country, reports Motherboard. Star is the name of the Internet service provider in North Korea.
The website, StarCon, appears to have been named after the countryโs Internet service provider and is modelled on the famous social network. But in its North Korean avatar, it is known as โBest Koreaโs Social Networkโ. Like Facebook, this website allows people from any part of the world to register with it after uploading their profile picture. It also allows users to post messages and upload videos and share them with their friends.
The site, which was first spotted by Doug Madory at Dyn Research, a company that monitors internet use and access around the world, is available at www.starcon.net.kp. Madory says that the siteโs DNS resolves to North Koreaโs Domain Name System, the servers that convert domain names to IP addresses. DNS is often referred to as the “address book of the internet.”
While itโs not known who set up the site, it is running PHP Dolphin, a do-it-yourself social network application that advertises to allow anyone to create their own social network.
โIt seems like itโs brand new,โ Madory told Motherboard. โVery few websites resolve to the North Korean address space, and this one does.โ
According to a report published by Motherboard, the Facebook clone didnโt deviate much from itโs original, or from the color themes and feel to the navigation and user experience.
โMadory says he doesnโt know who set the website up, but if you click around it for a while, youโll see that itโs a pretty faithful clone of Facebook, complete with a newsfeed, likes, and messaging service. The site is functionalโI friended Madory and sent several messages back and forth, posted on his wall, and uploaded a profile picture. Right now, there are only a handful of test accounts on the site.โ
Motherboard says that itโs possible that the site could only be a test-site.
โTo speculate a bit, itโs possible that North Korea is testing a social network that it will eventually make available only within the countryโs closely monitored intranet, which allows access to several government websites. Such a move wouldnโt be unprecedented for a communist governmentโCuba has its own Facebook clone that only works within the country.โ
However, it was not long before an imitation account of Kim Jung-un appeared on the site. Not long after it emerged on Friday the site existed, it was quickly hacked.
What is interesting to note that every posting and message immediately shows up as 30 minutes old, presumably because the Dolphin software doesnโt recognize North Koreaโs recently created time zone, which is 30 minutes off most of the rest of the world.
Scottish teenager Andrew McKean told Motherboard that he was successfully able to log into the websiteโs backend by simply using โadminโ and โpasswordโ as the login details. This gave the 18-year-old complete control on this website along with the power to delete and suspend users, modify the name of the website, censor certain words and also control the upcoming ads. Not just this, it also gave him the authority to โsee everyoneโs emailsโ.
