A cyber-attack on South Korean banks and broadcasters came from an internet address in China, South Korean officials say, but the identity of those behind it cannot be confirmed.
The telecoms regulator said hackers used a Chinese address to plant a malicious code that hit networks at six organisations on Wednesday.
Officials said they were continuing to investigate the origins of the attack.
North Korea has been blamed for previous attacks in 2009 and 2011.
"Unidentified hackers used a Chinese IP address to contact servers of the six affected organisations and plant the malware which attacked their computers," said Park Jae-moon of South Korea's communications regulator.
"At this stage, we're still making our best efforts to trace the origin of attacks, keeping all kinds of possibilities open," he said.Computer vaccines
North Korea is the obvious suspect but proving that Pyongyang was behind these latest attacks on computer systems at South Korean banks and broadcasters, if it was, is expected to take weeks or even months of painstaking research.
North Korea has been accused of several previous rounds of hacker attacks on its neighbour to the South.
There is plenty of free software easily available on the internet that would-be hackers can download and use without advanced skills.
That kind of software won't penetrate highly secure systems. But the latest targets in South Korea - certainly the broadcasters - probably weren't well defended.
It is seen as likely the hackers deliberately picked relatively easy targets that gained them a lot of publicity but caused little long-term damage.
Officials stressed that the IP address did not reveal who was behind the attack, as hackers can route their attacks through addresses in other countries to obscure their identities.
But the discovery has strengthened speculation that North Korea was behind the attack, the BBC's Lucy Williamson reports from Seoul.
Intelligence experts believe that North Korea routinely uses Chinese computer addresses to hide its cyber-attacks.
A taskforce is being formed to analyse the virus and stop further attacks, and free computer vaccines have been handed out to South Korean companies, our correspondent adds.
Korea's Communications Commission (KCC) said that the attacks on all six organisations appeared to come from a single entity.
The networks had been attacked by malicious codes, rather than distributed denial-of-service (DDoS) attacks as initially suspected.'Persistent hacking'
Following Wednesday's attack, the KCC raised its cyber-attack alert levels to "caution," the third highest out of five levels, news agency Yonhap reported.
Around 32,000 computers were affected by the incident, and some services at Shinhan bank, including internet banking and ATM machines, were disrupted.
However, so far no damage had been detected in public institutions and infrastructure, the KCC was quoted as saying by Yonhap.
The incident comes with tensions between the two Koreas high.
North Korea has stepped up rhetoric in recent days in response to fresh UN sanctions over its nuclear test in February and joint annual military drills between the US and South Korea, which it bitterly opposes.
On 15 March, North Korea's KCNA news agency also accused the US and its allies of "intensive and persistent" hacking attacks on its internet servers.
The telecoms regulator said hackers used a Chinese address to plant a malicious code that hit networks at six organisations on Wednesday.
Officials said they were continuing to investigate the origins of the attack.
North Korea has been blamed for previous attacks in 2009 and 2011.
"Unidentified hackers used a Chinese IP address to contact servers of the six affected organisations and plant the malware which attacked their computers," said Park Jae-moon of South Korea's communications regulator.
"At this stage, we're still making our best efforts to trace the origin of attacks, keeping all kinds of possibilities open," he said.Computer vaccines
North Korea is the obvious suspect but proving that Pyongyang was behind these latest attacks on computer systems at South Korean banks and broadcasters, if it was, is expected to take weeks or even months of painstaking research.
North Korea has been accused of several previous rounds of hacker attacks on its neighbour to the South.
There is plenty of free software easily available on the internet that would-be hackers can download and use without advanced skills.
That kind of software won't penetrate highly secure systems. But the latest targets in South Korea - certainly the broadcasters - probably weren't well defended.
It is seen as likely the hackers deliberately picked relatively easy targets that gained them a lot of publicity but caused little long-term damage.
Officials stressed that the IP address did not reveal who was behind the attack, as hackers can route their attacks through addresses in other countries to obscure their identities.
But the discovery has strengthened speculation that North Korea was behind the attack, the BBC's Lucy Williamson reports from Seoul.
Intelligence experts believe that North Korea routinely uses Chinese computer addresses to hide its cyber-attacks.
A taskforce is being formed to analyse the virus and stop further attacks, and free computer vaccines have been handed out to South Korean companies, our correspondent adds.
Korea's Communications Commission (KCC) said that the attacks on all six organisations appeared to come from a single entity.
The networks had been attacked by malicious codes, rather than distributed denial-of-service (DDoS) attacks as initially suspected.'Persistent hacking'
Following Wednesday's attack, the KCC raised its cyber-attack alert levels to "caution," the third highest out of five levels, news agency Yonhap reported.
Around 32,000 computers were affected by the incident, and some services at Shinhan bank, including internet banking and ATM machines, were disrupted.
However, so far no damage had been detected in public institutions and infrastructure, the KCC was quoted as saying by Yonhap.
The incident comes with tensions between the two Koreas high.
North Korea has stepped up rhetoric in recent days in response to fresh UN sanctions over its nuclear test in February and joint annual military drills between the US and South Korea, which it bitterly opposes.
On 15 March, North Korea's KCNA news agency also accused the US and its allies of "intensive and persistent" hacking attacks on its internet servers.