South Korea says an initial investigation shows a Chinese Internet address was the source of a cyberattack on one of the companies shut down by computer crashes.
South Korea's telecom regulator said Thursday that a Chinese address created the malicious code in the server of one of the banks, Nonghyup, that crashed Wednesday.
Experts say hackers often launch attacks via computers in other countries in an attempt to keep their identities from being exposed. Such addresses can easily be manipulated and disguised.
Regulators have distributed vaccine software to government offices, banks, hospitals and other institutions to prevent more outages.
The source of the attack is not yet clear. But suspicion has quickly fallen on North Korea. Pyongyang has threatened Seoul with attack in recent days.