The ShadowServer crew has released some of their findings on the malware from the DDoS this weekend. First, a snip from their conclusion:

First we have seen no evidence to point a finger at North Korea. How could we tell anyway without an extensive investigation and access to all kinds of logs and other data? Unless someone has a lot of extra information, this has to be pure wild speculation as well. Cyberwar? NO way! The term Cyberwar gets thrown around all the time. It's hard to define and everyone has differing views. However, I would venture to say this is far from what most people would call a Cyberwar. It is a bit closer to Cyber Terrorism but definitely not Cyberwar.

This also includes a list of the targeted sites:

banking.nonghyup.com
blog.naver.com
ebank.keb.co.kr
ezbank.shinhan.com
finance.yahoo.com
mail.daum.net
mail.naver.com
mail.paran.com
travel.state.gov
www.ahnlab.com
www.altools.co.kr
www.amazon.com
www.assembly.go.kr
www.auction.co.kr
www.chosun.com
www.defenselink.mil
www.dhs.gov
www.dot.gov
www.egov.go.kr
www.faa.gov
www.ftc.gov
www.hanabank.com
www.hannara.or.kr
www.ibk.co.kr
www.kbstar.com
www.marketwatch.com
www.mnd.go.kr
www.mofat.go.kr
www.nasdaq.com
www.ncsc.go.kr
www.nsa.gov
www.nyse.com
www.president.go.kr
www.site-by-site.com
www.state.gov
www.usauctionslive.com
www.usbank.com
www.usfk.mil
www.usps.gov
www.ustreas.gov
www.voa.gov
www.voanews.com
www.washingtonpost.com
www.whitehouse.gov
www.wooribank.com
www.yahoo.com