1. Forum
  2. Fidonet
  3. CONSPRCY

  • Notorious North Korean ha

    From Mike Powell@1:2320/105 to All on Wed Aug 13 08:24:04 2025
    Notorious North Korean hacking group Kimsuky gets hacked itself - revealing some of its deepest secrets

    Date:
    Tue, 12 Aug 2025 16:04:00 +0000

    Description:
    A hacker with a conscience targeted Kimsuky and leaked tools, logs, and more.

    FULL STORY

    Kimsuky, a notorious North Korean state-sponsored threat actor , has been hacked by someone who claims not to be a cybercriminal but rather - an "artist".

    The database is 8.9GB in size, and can be found on the Distributed Denial of Secrets website, containing logs, tools, and infrastructure used by the
    group, exposing their tactics, techniques, and procedures.

    The haul contains phishing logs showing an attack against The Defense Counterintelligence Command (South Korean military intelligence security agency), different targeted domains, archives with the complete source code
    of South Koreas Ministry of Foreign Affairs email platform (including
    webmail, admin, and other modules), a list of South Korean university professors, a toolkit for building phishing sites, Cobalt Strike loaders, and more.

    Driven by greed

    Kimsuky is notorious for its cyber-espionage campaigns. The groups earliest sightings were back in 2012, and since then, it was credited with numerous attacks against government agencies, think tanks, research institutions, and media outlets. It is particularly focused on Korean Peninsula affairs,
    nuclear policy, and foreign relations.

    The hacker, going by Saber / cyb0rg, slammed Kimsuky for advancing state agendas:

    Kimsuky, you are not a hacker. You are driven by financial greed, to enrich your leaders, and to fulfill their political agenda, a letter accompanying
    the dump reads. You steal from others and favor your own. You value yourself above the others: You are morally perverted.

    You hack for all the wrong reasons, the letter concluded.

    Although a commendable effort, this leak will probably not completely stop Kimsuky, a state-sponsored actor with formidable resources.

    However, since many tools and methods have been burned, it could slow the
    group down, expose current campaigns, and force it to start from scratch in some cases.

    Via BleepingComputer

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/notorious-north-korean-hacking-group-ki msuky-gets-hacked-itself-revealing-some-of-its-deepest-secrets

    $$
    --- SBBSecho 3.28-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)

Novedades:

Servidor de Quake 3 Arena Online! - Conectate a ferchobbs.ddns.net, puerto 27960 y vence con tu equipo!