Details of the cross-continent attack, which almost took out three of the 13 official root DNS servers are beginning to surface with South Korea's ministry of information and communication confirming that a host server in Coburg, Germany ordered hijacked Windows machines in Korea to stage the attacks.
"In other words, Korean computers affected by viruses made raids into the root servers as instructed by the German host server. Many of our computers acted like zombies,'' said Lee Doo-won, a director at the ministry.
According to data from the North American Network Operators' Group, more than 60 percent of the problematic data was traced to South Korea, a country one of the highest broadband penetration rates in the world.
According to Arbor Network's ATLAS portal, South Korea hosts the second highest number of botnet command-and-control servers that are used to launch spam runs, host exploit sites and launch DDoS attacks.