Overview
- The 8.9GB dataset leaked by self-described hackers Saber and cyb0rg was published in Phrack’s latest issue at DEF CON and is now indexed for free download on DDoSecrets.
- Researchers confirm the archive contains phishing logs targeting South Korean government domains and the complete source code for the Ministry of Foreign Affairs’ Kebi email platform.
- Leakers attribute the exposed systems to North Korea’s state-linked APT Kimsuky based on strict Pyongyang work-hour patterns and familiar artifacts, but analysts warn technical forgeries leave true attribution uncertain.
- Security commentators say the public disclosure ‘burns’ key tooling and phishing infrastructure, prompting immediate operational changes yet leaving the group’s long-term capabilities largely intact.
- The high-profile use of hacker channels highlights the growing role of non-state actors in reshaping intelligence flows even as hosting sensitive materials raises privacy and security trade-offs.