Hackers Who Exposed North Korean Government Hacker Explain Why They Did It

Earlier this year, 2 hackers collapsed into a machine and soon realized nan value of what this instrumentality was. As it turned out, they had landed connected nan machine of a hacker who allegedly useful for nan North Korean government. 

The 2 hackers decided to support digging and recovered grounds that they opportunity linked nan hacker to cyberespionage operations carried retired by nan North Korean government, exploits and hacking tools, and infrastructure utilized successful those operations. 

Saber, 1 of nan hackers involved, told TechCrunch that they had entree to nan North Korean authorities worker’s machine for astir 4 months, but arsenic soon arsenic they understood what information they sewage entree to, they realized they yet had to leak it and expose what they had discovered.

“These federation authorities hackers are hacking for each nan incorrect reasons, I dream much of them will get exposed, they merit to be,” said Saber, who said to TechCrunch aft he and cyb0rg published an article successful nan legendary hacking e-zine Phrack, disclosing specifications of their findings. 

There are countless cybersecurity companies and researchers who intimately way thing nan North Korean government, and its galore hacking groups are up to, which includes espionage cognition but besides progressively large crypto heists, arsenic good arsenic wide-ranging operations wherever North Koreans pose arsenic distant IT workers to money nan regime’s atomic weapons program.

In this case, Saber and cyb0rg went 1 measurement further and really hacked nan hackers, an cognition that tin springiness more, aliases astatine slightest different, insights into really these government-backed groups work, arsenic good las “what they are doing connected a regular ground and truthful on,” arsenic Saber put it. 

The hackers want to beryllium known only by their handles, Saber and cyb0rg, because they whitethorn look retaliation from nan North Korean government, and perchance others. Saber said that they see themselves hacktivists, and he namedropped legendary hacktivist Phineas Fisher, responsible for hacking spyware makers FinFisher and Hacking Team, arsenic an inspiration. 

At nan aforesaid time, nan hackers besides understand that what they did is illegal, but they thought it was nevertheless important to publicize it. 

“Keeping it for america wouldn’t person been really helpful,” said Saber. “By leaking it each to nan nationalist hopefully we tin springiness researchers immoderate much ways to observe them.”

“Hopefully this will besides lead to galore of their existent victims being discovered and truthful to [the North Korean hackers] losing access,” he said.

“Illegal aliases not, this action has brought actual artifacts to nan community, this is much important,” said cyb0rg, successful a connection sent done Saber.

Saber said they are convinced that while nan hacker — whom they telephone “Kim” — useful for North Korea’s regime, they whitethorn really beryllium Chinese and activity for some governments, based connected their findings that Kim did not activity during holidays successful China, suggesting that nan hacker whitethorn beryllium based there. 

Also, according to Saber, astatine times Kim translated immoderate Korean documents into simplified Chinese utilizing Google Translate. 

Saber said that he ne'er tried to interaction Kim. “I don’t deliberation he would moreover listen, each he does is empower his leaders, nan aforesaid leaders who enslave his ain people,” he said. “I’d astir apt show him to usage his knowledge successful a measurement that helps people, not wounded them. But he lives successful changeless propaganda and apt since commencement truthful this is each meaningless to him,” referring to nan strict accusation vacuum that North Koreans unrecorded in, arsenic they are mostly trim disconnected from nan extracurricular world.

Saber declined to disclose really he and cyb0rg sewage entree to Kim’s computer, fixed that nan 2 judge they tin usage nan aforesaid techniques to “obtain much entree to immoderate different of their systems nan aforesaid way.” 

During their operation, Saber and cyb0rg recovered grounds of progressive hacks carried retired by Kim, against South Korean and Taiwanese companies, which they opportunity they contacted and alerted. 

North Korean hackers person a history of targeting group who activity successful nan cybersecurity manufacture arsenic well. That’s why Saber said he is alert of that risk, but “not really worried.” 

“Not overmuch tin beryllium done astir this, decidedly being much observant though :),” said Saber.