The Sony hackers made a big mistake by logging into Facebook, according to a report in the New York Times. The mistake, according to the report, revealed the hackers were working for North Korea.
"[S]enior government officials said that F.B.I. analysts discovered that the hackers made a critical error by logging into both their Facebook account and Sony’s servers from North Korean Internet addresses. It was clear, the officials said, that hackers quickly recognized their mistake. In several cases, after mistakenly logging in directly, they quickly backtracked and rerouted their attacks and messages through decoy computers abroad," the paper reported, citing anonymous government officials.
Before the attacks in November, Sony Pictures was threatened in a series of messages posted to a Facebook account set up by a group calling itself “Guardians of Peace.” After Facebook closed that account in November, the group changed its messaging platform and began sending threats in emails to Sony and on the anonymous posting site Pastebin. As far back as last June, North Korean officials wrote in a letter to the United Nations that “The Interview,” a Sony comedy about two journalists hired to assassinate its leader, Kim Jong-un, was an act of terrorism.
Chinese hackers, it turns out, made a similar mistake.
The slip-up by the North Koreans was similar to one two years ago that led American officials to conclude that hackers inside the Chinese military’s Unit 61398 was behind attacks on thousands of companies and government agencies abroad. In that case, the Chinese hackers logged into their Facebook and Twitter accounts from the same infrastructure they used for their attacks.
Facebook closed the Guardians of Peace Facebook account in November. A Facebook spokesman said the company could not comment on specific accounts or law enforcement requests. In the past, the F.B.I. has compelled companies like Facebook to provide it with specific information about user accounts, including logs of user activity and Internet protocol addresses, through court orders.
The Sony breach has become a focal point for the F.B.I. and other officials because it was one of the rare attacks on a big corporation that the United States has attributed to a foreign government.