The North Korean operating system Red Star OS isn’t hacker proof, researchers demonstrated that it can be easily hacked remotely.

Red Star OS is an operating system used by the population in North Korea. According to two German researchers from the IT security company ERNW who analyzed it early this year, it is characterized by a high degree of paranoia and invasive surveilling on users.

Florian Grunow and Niklaus Schiess downloaded the software from a website outside North Korea and explored the code in detail.

These are their findings:

• Latest version is from around 2013.
• Red Star OS is based on the Fedora Linux distro.
• It has an Apple OSX look, the country’s leader Kim Jong-un, like his father, has been photographed near Macs.
• Own version of encryption files, the North Korea wants to avoid the spread of any code that might compromise OS files.

If you believe that the North Korean operating system is hacker proof you are wrong, in fact, it can be easily hacked remotely.

According to the experts at security firm Hacker House, the Red Star OS is affected by a critical vulnerability that could be exploited by remote hackers to access the PC. The attacker just needs to trick a victim into opening a link.

“Hacker House team have previously disclosed a number of local root vulnerabilities [3] & [4] in Red Star OS to show how insecure programming practices are in use by the RedStar OS developers. We are sharing another amusing example of this in the form of a remote client-side command injection vulnerability to mark RedStar’s anniversary leak.” reads a blog post published by the Hacker House.”This exploit is a client-side remote exploit which can be triggered from the Internet/Intranet and used to install malware or exploit computers running RedStar OS just by having a user click a hyperlink.”

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Red Star OS, North Korea)