- A hacker has stolen sensitive Kimsuky files and records.
- They claim that the group is “morally perverted” and hacks for “all the wrong reasons.”
- But the leak will not dismantle the group, some argue.
Kimsuky, a notorious North Korean state-sponsored threat actor, has been hacked by someone who claims not to be a cybercriminal but an “artist.”
The dump is 8.9 GB in size and can be found on the “Distributed Denial of Secrets” website. It contains records, tools and infrastructure used by the group, exposing its tactics, techniques and procedures.
The dump contains phishing records that show an attack against the Defense Counterintelligence Command (South Korea's military intelligence agency), various targeted domains, files with the complete source code of the South Korean Ministry of Foreign Affairs' email platform (including web, administrator and other modules), a list of South Korean university professors, Cobalt Strike loaders and more.
Greed
Kimsuky is known for its cyber-espionage. The first sightings of the group were in 2012, and since then it has been credited with numerous attacks against government agencies, think tanks, research institutions and media. It focuses particularly on Korean Peninsula affairs, nuclear policy and foreign relations.
The hacker, who goes by Saber / CYB0RG, criticized Kimsuky for advancing state agendas:
“Kimsuky, you are not a hacker. You are driven by financial greed, to enrich your leaders and to fulfill their political agenda,” says a letter that accompanies the dump. “You steal from others and favor your own. You value yourself above the others: you are morally perverted.”
“You hack for all the wrong reasons,” the letter concluded.
Although it is a commendable effort, this leak will probably not stop Kimsuky, a state-sponsored actor with formidable resources.
However, since many tools and methods have been “burned”, it could delay the group, expose current campaigns and force it to start from scratch in some cases.
Via BleepingComputer