Recent research from security company Cloudmark has raised doubt about the purported link between North Korea and last November’s intrusion on the computer networks of Sony Pictures Entertainment. President Obama was not among some folks that Pyongyang was behind the Sony attack even though the agency did not convince them.

Manager James Comey last week disclosed at a Fordham Law School cyber security newsgroup what seemed to be the smoking gun, although evidence linking the nation to the Sony raid has been dribbling from the FBI since the event happened. For the large part, the Sony attackers’ action was hidden by they behind proxy servers, he described, but sometimes they slipped up, as well as the FBI managed to follow them to their point of source: a block of IP addresses. The FBI reasoned since the government has such tight control over those IP addresses, the Sony hackers must have been running with its acceptance. But some action emanating from those IP addresses that are North Korean implies that the IP may have been hacked, Cloud mark risk research worker Andrew Conway reported. The company discovered the address was recorded as infected with the Wapomi worm, which is carried by USB drives and file server shares when it cross checked the IP address with Spamhaus, which monitors junk action on the Web.

“This malware carries a software downloader that offers the offender commanding it the capacity to download and run any kind of malware on the victim’s machine,” said Conway. “Yet, unless the FBI releases more particular details of their case against North Korea, including e-mail headers and mail server logs, some specialists will continue to question if they’re in fact right.” Along with the assault on Sony Pictures Entertainment, hackers attacked Microsoft’s Xbox network and Sony’s Playstation Network by starting Distributed Denial of Service attacks.

DDoS attacks marshal a large number of computers to send a barrage of traffic that pushes a web site offline. In the Sony case, the hackers used house routers that were endangered, but the thought is the same. That approach is an idea whose time may be passing, yet. “Flooding network connections may be hard to do, since you’ve got to recruit lots of bots,” said Steve Pao, general manager for security company at Barracuda. Additionally, “the service providers are now quite proficient at identifying anomalous traffic volumes,” he told TechNews World. Hackers have turned to other methods for launching DDoS attacks. “Now, most denial of service is application layer denial of service, as it makes it simpler to start a denial of service attack with fewer resources,” Pao described.