North Korean Kimsuky hackers exposed in alleged data breach

What’s new: North Korean hackers known as Kimsuky have reportedly experienced a data breach, with two hackers, ‘Saber’ and ‘cyb0rg’, leaking 8.9GB of Kimsuky’s data online. The leaked information includes phishing logs, source code for South Korea’s Ministry of Foreign Affairs email platform, and various hacking tools. This breach may complicate Kimsuky’s operations and disrupt ongoing campaigns.

Who’s affected

The breach primarily affects Kimsuky, a North Korean state-sponsored hacking group. Additionally, the leaked data includes information related to South Korean government entities and citizens, which may pose risks to those individuals and organizations.

What to do

• Monitor for any unusual activity related to the exposed domains and email accounts.
• Review and strengthen security measures for systems potentially impacted by the leaked tools and data.
• Stay informed about updates from security researchers regarding the leaked information.

Sources

• BleepingComputer