The Pilsung cipher is part of the North Korean Red Star operating system, which was leaked to the West in 2014 [1]. The cipher was reverse engineered and analyzed by Kryptos Logic [2], which found that it is based on AES, albeit it uses key-dependent S-Boxes and permutations. In particular, Kryptos Logic reports that the ShiftRows operation in Pilsung “can make weak classes of keys possible, by having permutations that do not change columns at all.” To identify and explore this class of weak keys, we analyzed the cipher and got a better understanding of the ShiftRows permutation in Pilsung. Based on this understanding, we designed highly-efficient code for searching for weak keys. We then used Phoenix, the University of Adelaide’s compute cluster, spending thousand of CPU hours to find weak keys. Finally, we tested the keys, and found that due to our confusion about some details of the algorithm, all of our efforts were in vain and no similar class of weak keys exists in Pilsung. The contributions of this work are: • We demonstrate how AES-like ciphers that have weak ShiftRows permutations can be attacked. (Section 3.) • We develop techniques for efficient search of weak keys in such vulnerable ciphers. (Section 4.) • We highlight the benefits of early verification of results. (Section 5.)