Chrome blocking Naenara

Naenara-malware-screenshot

Above: What I see when I try to log onto Naenara.kp

For several days now, Google Chrome has blocked access to the DPRK’s Naenara portal because it contains malware.

Here is the information that Chrome provides about the site:

What is the current listing status for naenara.com.kp?
Site is listed as suspicious – visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 2 time(s) over the past 90 days.

What happened when Google visited this site?
Of the 5628 pages we tested on the site over the past 90 days, 18 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-03-19, and the last time suspicious content was found on this site was on 2013-03-15.
Malicious software includes 143 exploit(s), 9 trojan(s). Successful infection resulted in an average of 16 new process(es) on the target machine.

Malicious software is hosted on 3 domain(s), including zief.pl/, ecpage.sakura.ne.jp/, chura.pl/.

This site was hosted on 1 network(s) including AS131279 (STAR).

Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, naenara.com.kp did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?
No, this site has not hosted malicious software over the past 90 days.

How did this happen?
In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Other sites on the .kp domain appear to be functioning normally.

Are there any brave souls with a spare computer that want to investigate this?

Share
  • The most plausible explanation is that the site got compromised and someone uploaded malware to it. That would also explain the .pl domain names.

  • Xirius

    You could use the free (Oracle) VirtualBox virtualization software, which runs at near-native speeds, which lets you create virtual machines, install an (any) OS, take snapshots and revert to them.


An affiliate of 38 North