Published 2 days ago • loading... • Updated 17 hours ago

Nearly 9GB of Alleged Kimsuky Files Surface on DDoSecrets After DEF CON Release

Last week at DEF CON 33, two hackers known as Saber and cyb0rg leaked 8.9GB of Kimsuky’s files via DDoSecrets after compromising a virtual workstation and VPS linked to ‘KIM’.
Saber and cyb0rg say they gained access by compromising a virtual workstation and VPS linked to an operator called “KIM”, citing ethical objections to Kimsuky’s agenda.
Delving into the archive reveals attack logs showing attempts to compromise South Korea’s Defense Counterintelligence Command and MFA email platform, alongside a PHP “Generator” toolkit and unknown binaries not flagged by VirusTotal.
South Korean agencies have started reviewing the leak to harden networks and anticipate rapid reverse-engineering of implants for detection strategies.
With insider-risk trend on display, the breach highlights vulnerabilities in clandestine cyber units and the performative timing at DEF CON 33 and publication in Phrack.

Insights by Ground AI

Does this summary seem wrong?

5 Podcasts & Opinions

Podcast Mention

CyberWire Daily

Daily Cybersecurity and Tech News podcast featuring Dave Bittner, Rick Howard and David Moulton

Kimsuky gets kim-sunk.

CyberWire Daily discusses the Kimsuky data breach and the exposure of critical hacking tools and infrastructure.

2 days ago

Listen to Full Episode Full Episode Unlock Timestamp

Get Vantage — Podcasts, Ratings, Timestamps

Podcasts & Opinions

14 Articles

NK News

Center

Researchers identify Chinese cybercriminal working for North Korean threat group

Cybersecurity researchers say they have identified an operative working for the DPRK threat group Kimsuky who is Chinese, potentially marking the first known case of direct foreign participation in Pyongyang’s state-backed cybercrime. In a report released at the DEF CON security conference in Las Vegas last week, two researchers claimed to have stolen data from […]

1 day ago·Seoul, Korea, Republic of

Read Full Article

TechCrunch

Center

Hackers breach and expose a major North Korean spying operation

Two hackers broke into the computer of a North Korean government hacker and leaked its contents, offering a rare glimpse inside the secretive nation's spying operations.

2 days ago·United States

Read Full Article

Tech Radar

Center

Notorious North Korean hacking group Kimsuky gets hacked itself - revealing some of its deepest secrets

A hacker with a conscience targeted Kimsuky

2 days ago·United Kingdom

Read Full Article

BleepingComputer

Center

North Korean Kimsuky hackers exposed in alleged data breach

The North Korean state-sponsored hackers known as Kimsuky has reportedly suffered a data breach after two hackers, who describe themselves as the opposite of Kimsuky's values, stole the group's data and leaked it publicly online.

3 days ago

Read Full Article

01net

A Mysterious Hacker Has 9 Gb of State Secrets stolen... and His Identity Is Intriguing

A mysterious state-sponsored hacker, initially linked to the North Korean group Kimsuky, has also been hacked. But analysis of the data leak has experts wondering: what if the operator was actually Chinese? The investigation is open.

17 hours ago

Read Full Article

DiarioBitcoin

Mass Filtration Reveals Hacker Kimsuky's Crypto Spy and Robbery Armory · Global Voices

A member of the North Korean hacker group Kimsuky reportedly suffered a massive leak of data, exposing tools and techniques used in cyberspyping and cryptocurrency theft operations. *** Filtration includes hundreds of GB of internal files, malware and campaign logs. Data is attributed to an operator known as “KIM”, linked to Kimsuky. Researchers do not rule out links with Chinese actors. An alleged member of the North Korean hacker group Kimsuky…

17 hours ago

Read Full Article

Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/year