A timer was set for the Master Boot Record (MBR) wiper program to activate at 2 p.m. local time yesterday. Trend Micro researchers spotted a phishing email sent to South Korean organizations purportedly from a bank. Researchers at RSA, meanwhile, have discovered what they say may be a possible mobile app connection to the South Korea attacks; if confirmed, it would be the first major attack using mobile devices. South Korean officials today said the attacks came from an IP address in China, according to a report today.”]