How the “Kim” dump exposed North Korea's credential theft playbook

385 notmine1337 149 9/6/2025, 7:14:26 PM dti.domaintools.com

Comments (149)

lawgimenez · 23h ago
I believe these are the hackers responsible for this leak: https://phrack.org/issues/72/7_md#article
_def · 14h ago
> I am a Hacker and I am the opposite to all that you are. In my realm, we are all alike. We exist without skin color, without nationality, and without political agenda. We are slaves to nobody.

Classic elitist take ignoring that this space where "all are alike" can only work for certain kinds of people.

helqn · 13h ago
On the Internet, nobody knows you’re a dog. Unless you make it your whole personality telling everybody that you are a dog. Maybe stop doing that.
dobin · 12h ago
No tolerance for the intolerant.
drtgh · 11h ago
Your quote is out of context; they are talking to North Korea's -sociopathic- government accomplice:

    << Kimsuky, you are not a hacker. You are driven by financial greed, to enrich
    your leaders, and to fulfill their political agenda. You steal from others
    and favour your own. You value yourself above the others: You are morally
    perverted. >>
North Korean citizens are kidnapped by a dictatorship. They are talking to someone who supports crimes against humanity.
rikafurude21 · 11h ago
I would go as far as to say slaves of a dictatorship. Most likely threatened with death, including the hackers' entire family, if they don't follow the line. Considering these factors, how much do you think they actually "support crimes against humanity"? North Koreans filter their students very early on to find the smart ones and teach them hacking in specialized military camps. Whoever this hacker is, he probably has been handpicked and groomed for the job he's doing.
pphysch · 5h ago
How is this any different from say a Pentagon or IDF employee who is involved (by some degree) in the documented mass murder of civilians? Their livelihoods are also on the line.

Are they off the hook because they "choose" to participate in mass murder?

rikafurude21 · 2h ago
You're gonna pretend there's no difference between your entire bloodline (literally) or your salary being on the line? If you work at the Pentagon and see mass murder of civilians you have the option to stop going to work. A North Korean hacker does not have that option.
A4ET8a8uTh0_v2 · 1h ago
You may be assuming a fair bit. Just because it is evidently true that there is a difference, to the parent, depending on their philosophical bent, it is not impossible that it is the outcome alone that determines level of willingness to accept level of.. dunno what is a good word here.. responsibility. In other words, from where they come from, all other factors are not relevant. I don't subscribe to this particular view of the world, but it helps to be able to understand others.
rikafurude21 · 1h ago
I get that a pure consequentialist can flatten every distinction, but in the real world we still distinguish between (a) ‘I’ll kill your entire bloodline if you stop typing’ and (b) ‘You can resign and face a résumé gap.’ Until we’re ready to treat a bank-teller under duress the same as an armed robber, that difference has to matter.
lovich · 3h ago
I don’t necessarily agree with you but I’m not sure why you are being downvoted into oblivion.

Tangentially, my problem with this Phrack post is that I am struggling to get past all the obvious falsehoods when it comes to the non-technical part of the writing.

It starts off the bat with using terminology like “Advanced Persistent Threat” and conflates what it already identified as a North Korean group as Chinese in this sentence

> It shows a glimpse how openly "Kimsuky" cooperates with other Chinese APTs and shares their tools and techniques.

And then gives some flowery speech about how the Koreans are bad and political but this author who opposes them is good and not political.

This reads to me like the ravings of some crazy person with advanced skills who thinks everyone else is the crazy one while wearing a tinfoil hat, or a federal group leaking a no longer useful technical hack surrounded in language pushing propaganda

sublinear · 11h ago
To quote the movie Hackers:

"Cool? It's not cool. It's commie bullshit!"

sim7c00 · 14h ago
Brian: We are all different! Guy: I'm not!

it's always just some cheesy hacker words put to seem mysterious or whatever -_-.

we are legion, we are one etc. anything like that falls apart quickly if you attach identity to something, doesn't it.

i guess by being anonymous online some forget they are not anonymous irl. a lot of being alone with the terminal ^^>

gotta read between all the fluff tho.

hexpeek · 21h ago
I’ve heard that in North Korea it is difficult for ordinary people to learn or own a computer. It is assumed that a small number of elite operatives are selected and trained to carry out such tasks, and it is somewhat surprising that they possess the latest technology and conduct hacking.
asdff · 21h ago
If anything the hackers in north korea are probably world class if the government is getting their students into focused training programs early in their schooling. Western nations have nothing equivalent due to schooling being generalist and undergrad and grad school not really introducing you to the sort of work you'd actually do on the job as a hacker. 22 year old western hacker for a 3 letter agency is going to have maybe a 6 month softball tangentially related internship of experience under their belt while the north korean might have years and years by that point.
awesome_dude · 20h ago
> 22 year old western hacker for a 3 letter agency is going to have maybe a 6 month softball tangentially related internship of experience under their belt while the north korean might have years and years by that point.

I was with you right up until this bit

The agencies concerned tend to recruit people that have demonstrated ability in that field, and they've usually got it with "self-directed" training :)

Joel_Mckay · 14h ago
State sponsored thieves are not a talent pool that anyone wants in a trusted position.

The fact is there were only around 40 unique hacks ever invented, and people simply adapt these into new zero day exploits. Notably, this is now mostly a fully automated process.

If people want in, they will get in eventually. =3

x C62=:K6 J@F 2C6 AC66>AE:G6=J 5:D28C66:?8 H:E9 E96 DFCAC:D:?8=J =@H 6DE:>2E6 @7 6IA=@:E E2I@?@>J[ 3FE 9F>2? DE2E:DE:42= 3692G:@C :D 2=D@ ?@E 2D 4@>A=6I 2D >2?J 36=:6G6]

JumpCrisscross · 11h ago
> State sponsored thieves are not a talent pool that anyone wants in a trusted position

Why? They’re intelligent, crafty and able to make trade-offs.

Empirically, ex-spies have a solid history in reaching commanding positions in politics and business.

Ray20 · 45m ago
> Empirically, ex-spies have a solid history in reaching commanding positions in politics and business.

But it's not because someone wants them there. It's because they can demand the position they want.

Joel_Mckay · 10h ago
It is complicated, but Moral Development theory does cover the phenomenon of why some won't understand until they personally grow through the stages of development.

Have a great day. =3

https://en.wikipedia.org/wiki/Lawrence_Kohlberg's_stages_of_...

jgilias · 2h ago
Reading up on it made me realize that a certain well known orange person is really on Stage 2 of moral development. That explains a lot.

But also gives hope. I mean, it’s rare that adults fail to advance from pre-conventional phases, so it must be super rare to have such a confluence of factors that puts someone like that in the given job.

vntok · 13h ago
ChatGPT decoded the ROT47 text immediately from a simple prompt: "Decode this string sent by some random pompous guy on Hacker News: [raw string]".

If robots want in, they will get in eventually too, apparently.

KyleBerezin · 3h ago
No need for insults, I found it fun. ROTs are easy to detect because they usually still have word-length chunks, and common repeating symbols. In this case the '6's ('e's). This is something a language-oriented AI is going to be very good at detecting. It's a great demo of why hashing is so important.

If you don't see repeating symbols, it could be a running key, like a Vigenère cipher.
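As an added example (not code from the thread or from any of its commenters): a ROT47 decoder plus the two checks the comments above describe, the brute-force "try every shift" approach and the repeated-symbol heuristic, run over the encoded line posted earlier in the thread. ROT47 rotates the 94 printable ASCII characters (0x21 to 0x7E) by 47 positions, so applying it twice is the identity. The English letter-frequency table and the penalty the scorer assigns to stray symbols are this example's own assumptions.

```python
from collections import Counter

# The ROT47 line posted in the thread (Joel_Mckay's comment), used here as sample input.
ENCODED = ("x C62=:K6 J@F 2C6 AC66>AE:G6=J 5:D28C66:?8 H:E9 E96 DFCAC:D:?8=J "
           "=@H 6DE:>2E6 @7 6IA=@:E E2I@?@>J[ 3FE 9F>2? DE2E:DE:42= 3692G:@C "
           ":D 2=D@ ?@E 2D 4@>A=6I 2D >2?J 36=:6G6]")
PLAINTEXT = ("I realize you are preemptively disagreeing with the surprisingly low "
             "estimate of exploit taxonomy, but human statistical behavior is also "
             "not as complex as many believe.")


def rotn_printable(text: str, shift: int) -> str:
    """Rotate every printable ASCII character (0x21..0x7E, 94 symbols) by `shift`.
    Space and anything outside that range pass through unchanged.
    shift=47 is ROT47; it is its own inverse because 2 * 47 == 94."""
    out = []
    for ch in text:
        code = ord(ch)
        if 33 <= code <= 126:
            out.append(chr(33 + (code - 33 + shift) % 94))
        else:
            out.append(ch)
    return "".join(out)


def rot47(text: str) -> str:
    """Encode or decode ROT47 (same operation in both directions)."""
    return rotn_printable(text, 47)


# Approximate relative frequencies (%) of letters in English prose; an assumed
# table for scoring candidates, not data from the article.
_ENGLISH = {
    'e': 12.7, 't': 9.1, 'a': 8.2, 'o': 7.5, 'i': 7.0, 'n': 6.7, 's': 6.3, 'h': 6.1,
    'r': 6.0, 'd': 4.3, 'l': 4.0, 'c': 2.8, 'u': 2.8, 'm': 2.4, 'w': 2.4, 'f': 2.2,
    'g': 2.0, 'y': 2.0, 'p': 1.9, 'b': 1.5, 'v': 1.0, 'k': 0.8, 'j': 0.2, 'x': 0.2,
    'q': 0.1, 'z': 0.1,
}


def english_score(text: str) -> float:
    """How English-like a candidate plaintext looks: lowercase letters score their
    expected frequency, capitals half of it (prose is mostly lowercase), ordinary
    punctuation a little, and any other printable symbol is penalised because a
    '@' or '6' in the middle of a word is the tell-tale sign of a wrong shift."""
    score = 0.0
    for ch in text:
        if 'a' <= ch <= 'z':
            score += _ENGLISH[ch]
        elif 'A' <= ch <= 'Z':
            score += 0.5 * _ENGLISH[ch.lower()]
        elif ch in " .,;:'\"!?-()":
            score += 0.5
        elif 33 <= ord(ch) <= 126:
            score -= 5.0
    return score


def guess_shift(ciphertext: str) -> tuple[int, str]:
    """Brute-force all 94 rotations of the printable range and return
    (shift, plaintext) for the most English-looking candidate."""
    best = max(range(94), key=lambda s: english_score(rotn_printable(ciphertext, s)))
    return best, rotn_printable(ciphertext, best)


def most_common_symbol(text: str) -> str:
    """The repeated-symbol heuristic from the thread: in a rotated English text the
    most frequent non-space symbol is almost always the image of 'e'."""
    return Counter(ch for ch in text if ch != " ").most_common(1)[0][0]


if __name__ == "__main__":
    sym = most_common_symbol(ENCODED)
    print(f"most common symbol: {sym!r} -> ROT47 gives {rot47(sym)!r}")
    shift, plain = guess_shift(ENCODED)
    print(f"best shift: {shift}")
    print(plain)
```

`guess_shift` needs no key and no hint: an encoding whose only parameter is a fixed shift is recovered in a fraction of a second by a script or a language model alike, which is the substance of the "hashing vs. encoding" point above. The most frequent symbol in the sample, '6', maps to 'e' under the recovered shift, exactly as the comment predicts.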

Joel_Mckay · 12h ago
It was a simple way to highlight impulsive behavior common in modern users, and the trivial encoding function should be obvious to those who are minimally empathetic. Ask the LLM handler if being lied to makes people feel worse than getting robbed... then consider if you would hire such individuals.

If you are ever unsure of someone's motives, then politely ask for context. Have a wonderful day =3

https://en.wikipedia.org/wiki/List_of_cognitive_biases#Causa...

bgwalter · 9h ago
What is the impulsive behavior? Do you have a zero day in some ROT-47 decoder? Or perhaps a zero day in the file command in case a user creates a file containing the string and runs the command on it? Or is the string both a valid ROT-47 string and a valid executable on some platform?

> If you are ever unsure of someone's motives, then politely ask for context.

Asking for context.

Joel_Mckay · 2h ago
In general, the point was predicting statistical behavior is easy in large enough populations, and finding utility in that fact is trivial.

Exploits are boring, and thus have questionable utility in a proper business context. Don't worry about it... =3

stingraycharles · 9h ago
I always understood that these hacks are one of the main ways for North Korea to actually earn money in other currencies, as they’ve been barred from trading with pretty much the entire world.
ummonk · 20h ago
North Korean teams tend to perform very well in coding contests, so it’s a safe bet that North Korea is quite good at nurturing a small slice of elite computing talent.
SoftTalker · 19h ago
They just identify talented individuals and send them to schools in China or elsewhere to learn the latest tech.
richardfeynman · 17h ago
source? interesting if true.
Ray20 · 19h ago
> somewhat surprising that they possess the latest technology and conduct hacking.

Why does this surprise you? As you said, selecting capable people is not a problem. And then these capable people get the best possible motivation. I would say it is expected to get qualified hackers in such conditions, who are proficient in all latest technologies.

codedokode · 8h ago
Why doesn't everyone working with the government use hardware keys without passwords so that phishing is useless?
alt227 · 4h ago
Surely people can still phish for the user to insert their hardware key to approve something malicious?
codedokode · 1h ago
Hardware keys (unlike humans) usually check page URL and do not send the data stored by another domain.
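The URL check the comment above refers to is the WebAuthn/FIDO2 ceremony: the browser, not the page's JavaScript, writes the calling origin into clientDataJSON, the authenticator hashes the relying-party ID it signed for into authenticatorData, and the server rejects anything that does not match. Below is an added example (not from the article or the thread) of those server-side checks in Python, with a simulated browser and authenticator. The relying-party ID `login.example.gov`, the phishing domain, and the simulated messages are this example's own assumptions (the 37-byte authenticatorData prefix follows the WebAuthn layout); the final signature verification over authenticatorData plus SHA-256(clientDataJSON) is left out because it needs an ECDSA library.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Assumed relying-party identity for this example (not from the article).
RP_ID = "login.example.gov"
EXPECTED_ORIGIN = "https://" + RP_ID


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_client_data_json(challenge: bytes, origin: str) -> bytes:
    """Simulates what the *browser* serialises as clientDataJSON. Page script
    never chooses `origin`; the browser fills it in from the origin that called
    navigator.credentials.get()."""
    return json.dumps({
        "type": "webauthn.get",
        "challenge": b64url_encode(challenge),
        "origin": origin,
    }).encode("utf-8")


def make_authenticator_data(rp_id: str, user_present: bool = True,
                            user_verified: bool = True, sign_count: int = 1) -> bytes:
    """Simulates the authenticatorData a FIDO2 key returns: SHA-256 of the RP ID
    (32 bytes), one flags byte (bit 0 = user present, bit 2 = user verified) and
    a 4-byte big-endian signature counter. A browser only lets a page request an
    RP ID that is a registrable-domain suffix of its own origin, so a page on
    evil.test cannot make the key sign under login.example.gov."""
    flags = (0x01 if user_present else 0x00) | (0x04 if user_verified else 0x00)
    rp_id_hash = hashlib.sha256(rp_id.encode("utf-8")).digest()
    return rp_id_hash + bytes([flags]) + sign_count.to_bytes(4, "big")


def verify_assertion(client_data_json: bytes, authenticator_data: bytes,
                     expected_challenge: bytes, expected_origin: str,
                     rp_id: str) -> tuple[bool, str]:
    """Server-side checks from the WebAuthn assertion procedure that make the
    login phishing-resistant. Not shown: verifying the signature over
    authenticator_data || SHA-256(client_data_json) with the stored public key.
    Because that hash covers the origin field, a client cannot simply rewrite
    the JSON it sends to the server."""
    try:
        client_data = json.loads(client_data_json)
    except ValueError:
        return False, "clientDataJSON is not valid JSON"
    if client_data.get("type") != "webauthn.get":
        return False, "wrong ceremony type"
    challenge = b64url_decode(client_data.get("challenge", ""))
    if not hmac.compare_digest(challenge, expected_challenge):
        return False, "challenge mismatch (stale or replayed response)"
    origin = client_data.get("origin")
    if origin != expected_origin:
        return False, f"origin mismatch: browser reported {origin!r}"
    if len(authenticator_data) < 37:
        return False, "authenticatorData too short"
    rp_id_hash = hashlib.sha256(rp_id.encode("utf-8")).digest()
    if not hmac.compare_digest(authenticator_data[:32], rp_id_hash):
        return False, "rpIdHash mismatch: credential not scoped to this RP"
    if not authenticator_data[32] & 0x01:
        return False, "user presence flag not set"
    return True, "ok"


def demo() -> dict:
    """Legitimate login vs. a real-time relay phishing page that forwards the
    server's genuine challenge to the victim, vs. a replayed response."""
    challenge = secrets.token_bytes(32)
    legit = verify_assertion(make_client_data_json(challenge, EXPECTED_ORIGIN),
                             make_authenticator_data(RP_ID),
                             challenge, EXPECTED_ORIGIN, RP_ID)
    # The relay passes the real challenge through, but the browser records the
    # attacker's origin and the key signs only for an RP ID under that origin.
    phish = verify_assertion(make_client_data_json(challenge, "https://login-example-gov.evil.test"),
                             make_authenticator_data("evil.test"),
                             challenge, EXPECTED_ORIGIN, RP_ID)
    replay = verify_assertion(make_client_data_json(challenge, EXPECTED_ORIGIN),
                              make_authenticator_data(RP_ID),
                              secrets.token_bytes(32), EXPECTED_ORIGIN, RP_ID)
    return {"legit": legit, "phish": phish, "replay": replay}


if __name__ == "__main__":
    for name, (ok, why) in demo().items():
        print(f"{name}: {'accepted' if ok else 'rejected'} ({why})")
```

The two properties that defeat the relay kit are visible in `demo()`: the origin string comes from the browser and the rpIdHash comes from the authenticator, and neither is under the phishing page's control, so forwarding the victim's response verbatim still fails on the first check. A per-login random challenge is what stops the captured response from being replayed later.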
kbrkbr · 3h ago
ac29 · 5h ago
I know some people in the US government who definitely need a hardware key to access computing resources including email. They work for the Dept of the Interior on science stuff, nothing related to national security or otherwise sensitive info.

They mentioned this was a pain in the ass, and a very weird restriction since technically any member of the public can ask for a copy of their emails via FOIA.

bornfreddy · 7h ago
Because hardware keys are so 2000 - we have apps now. With Play Protect Premium Enterprise to make sure the phone is secure. /s
sgnelson · 23h ago
This is interesting due to the tying of DPRK and PRC. It seems hard to say how much coordination there is between the two, but whatever it is, it appears to be greater than zero. While not necessarily surprising, I wonder if this public attribution will make it harder for the PRC to deny involvement with both the DPRK's efforts and their own.
wrp · 20h ago
Regardless of how unhappy Beijing may be with things Pyongyang does, North Korea is of such obvious strategic importance to China that they are unlikely to ever waver in their support of the regime or even try to hide it.
energy123 · 16h ago
China kept backing Khmer Rouge despite the millions dead and even invaded Vietnam to protect them. Amoral, self interested actor at best. There's nothing North Korea could do to their own people to change the support.
hetman · 16h ago
In fairness, the US kept indirectly funding the Khmer Rouge even after evidence of their atrocities came to light for their own strategic geopolitical reasons.

The realpolitik of international relations very often follows the words of the British prime minister, Lord Palmerston: "We have no eternal allies, and we have no perpetual enemies. Our interests are eternal and perpetual, and those interests it is our duty to follow."

fluoridation · 7h ago
So there is a universe out there where the US would have supported/allied with Nazi Germany had it been convenient?
arrosenberg · 6h ago
Sure. If Smedley Butler had been less disillusioned by his work history and successfully carried forward the Business Plot it's pretty easy to imagine.
immibis · 5h ago
Yes, this one.
fluoridation · 5h ago
What do you mean? Some US companies did business with Nazi Germany, famously IBM and of course Ford, and of course there were Nazi sympathizers in the US, but to my knowledge the US never supported Germany at that time.
dboreham · 6h ago
Hardly difficult to imagine when you look at when WW2 began vs when the US became involved, and why.
AngryData · 5h ago
I mean the US had no problems selling Nazi Germany arms at the start of the war. The US only really took a side after Germany told the US to stop also supplying war materials to their enemies, which Germany viewed as merely prolonging the war and deaths, and when the US ignored them because they were making too much money Germany stopped buying and doubled down on blockading material support to allies.
0xDEAFBEAD · 2h ago
>I mean the US had no problems selling Nazi Germany arms at the start of the war.

This claim doesn't appear to be true: https://www.reddit.com/r/AskHistorians/comments/1k6yi1z/comm...

chasd00 · 19h ago
Anything happens to North Korea and all those starving people flood into China. I think that’s why China supports North Korea.
mytailorisrich · 16h ago
China did not, and still doesn't, want US troops at its border. That's why it originally intervened and why it supports North Korea. At the time there was also a further risk that the US might invade China.
wkat4242 · 10h ago
That doesn't have to be the result of it. A more humane regime in NK doesn't mean reunification has to happen. And, part of the reason those US forces are in South Korea is the threat of the North. By threatening US involvement in case of an attack.
bfg_9k · 18h ago
I mean, same could be said about South Korea. It would instantly drag their GDP per capita down by more than half, and that's not even counting how much money would need to be spent to re-develop NK.
alexey-salmin · 18h ago
If both countries sustain their current trajectories, in 50 years it will be NK re-populating and re-developing SK. And the "if" here is mainly about NK, chances of SK getting out of the death spiral are very thin.
the_af · 18h ago
I recently read/watched videos about the "population time bomb" in South Korea and how it's almost irreversible now. It really surprised me, it's one of those things that's hard to visualize. And it's not even long term!
wkat4242 · 9h ago
They can always allow more immigration. National populations don't grow only by births.
the_af · 8h ago
Apparently, due to cultural, political and economical issues, South Korea cannot/won't do this. I suppose it theoretically could, but in practice it would mean it would cease to exist as it is now.

Due to the scale of their population collapse, the influx of immigrants would have to be massive. Which country does that? It would completely overtake its native ethnic population... which unlike a country built on immigration like the US, is surprisingly homogeneous.

I'm no expert, I encourage you to read on the matter. It apparently truly is something that cannot be stopped now. It surprised me as much as it (apparently) does you.

By the way, countries that are better off, like the US, are largely helped by immigration indeed. Which is why anti-immigration policies would be like shooting themselves in the foot.

Ray20 · 29m ago
> Apparently, due to cultural, political and economical issues, South Korea cannot/won't do this.

Because it's not a problem yet. What's going to stop them from doing it when the birth rate becomes a problem? Almost nothing.

> Due to the scale of their population collapse, the influx of immigrants would have to be massive.

Not really. You are mistakenly extrapolating the situation in the Western world, where they purposefully brought in almost only criminals and freeloaders, to Korea. If you organize immigration of labor, then not so many immigrants will be needed.

wkat4242 · 8h ago
> I suppose it theoretically could, but in practice it would mean it would cease to exist as it is now.

But it's going to cease to exist as it is anyway. One way or another. And the people that remain will not be staring at a wall waiting for it to end. Also, young people seem to have a radically different mindset there, which is what tends to happen when they see their parents screwing everything up.

Maybe the culture isn't there yet but it will be. Having said that, I would never be happy to live in a country with strict moral codes like Japan or South Korea. But I'm sure many people would be. In particular conservatives tend to love these societies, you often hear comments like "this is what we should do here in the US".

I'm a raging pro-lgbt polyamorous kinky progressive so for me it would be the wrong place. But there are lots of people that would love this kind of thing.

lovich · 3h ago
> But there are lots of people that would love this kind of thing.

Doesn’t the fact that the people in said culture have decided it’s no longer worth reproducing, en masse, because of how their life is, imply that a lot of people wouldn’t actually like that kind of thing?

the_af · 8h ago
I mean, I don't know what to tell you. You seem to be reacting in disbelief, "this cannot be true".

But reality shows it is happening, it is accelerating, and young people are part of the problem.

It's a real thing, and the consensus seems to be it's irreversible, however bizarre it may seem to us.

wkat4242 · 6h ago
I just think life finds a way. Societies don't just disappear. They just change. There's too much value in Korea to just give up.

Will it disappear as we know it? Yes. But that is true everywhere. The America as you knew it in 2010 is also gone forever (and not for the better, unfortunately with its current politics). Same in Europe where the Nazis are trying to take over. Change is a constant.

alexey-salmin · 3h ago
Life finds a way, just not necessarily your life or your kids'
the_af · 5h ago
Life doesn't always find a way. Mass extinctions are a thing. Even human cultures & ethnic groups have disappeared without a trace.

The South Korean population time bomb is a completely different thing to America in the 2010 changing.

Have you read what people who study demographics currently believe about South Korea? An informed opinion is really needed to discuss this; this is not about "feelings".

djtango · 18h ago
Genuine question that I'm trying to learn about - the industrialisation of Japan and South Korea led to huge wealth creation and increases in quality of living. I know some of that is stagnating now and especially in South Korea things are difficult, but why isn't North Korea ever spoken of in those terms rather than always the GDP hit to South Korea?
moomoo11 · 17h ago
How did they manage to brain control millions of people like that? I mean it’s so ludicrous to an outsider.
forgotoldacc · 12h ago
Nearly every authoritarian country starts with people promising good things. A lot also start with rebels fighting against a group that led a massacre. They're underdog groups with popular support.

Then those underdogs take over. They become paranoid about the possibility of being killed themselves, so they repeat the massacres they fought against. A lot of people who supported the new regime think it's just a few remaining enemies being taken out. It won't happen to them. Then the government starts laying out methods to solidify their control. The list of things seen as traitorous and against national interests grows. It becomes a frog in a boiling pot situation. By the time people realize they might be a target, the system is too complicated and widespread to take down alone, and a new generation of youths have been raised knowing only the current system. And to those youths, things are stable. The most terrifying thing to people raised in stability is the idea of losing that stability. So keeping your head down and following the law is much better than absolutely anything else.

And with the absolute control of information that NK has, a significant portion of people really don't even know a better world exists out there. And they're terrified of anyone that even talks about shaking things up.

Ray20 · 18m ago
It looks like a liberal fantasy. The truth is that along the rivers that run on the border with China there are posts with machine gunners every 100 meters. Brainwashing is obviously nearly zero-effective, since they have to resort to machine guns.
immibis · 5h ago
Not limited to non-Western countries btw. We are also vulnerable.
rtpg · 16h ago
In the initial era of the split between North and South Korea, South Korea both was run by a bunch of people who had a history of outright killing leftists, and the United States was involved in similar actions.

The lack of serious offramps to reunification, along with not as huge a delta in quality of life between north and south for a long time (aid from other countries sure helps!), allowed the DPRK to establish itself as its own nation.

Now there is the surveillance state apparatus allowing the DPRK to exist in its current form in perpetuity. And even if tomorrow they showed up and said "let's unify Korea", South Korea (even ignoring all the ideological reasons it might not want to) would likely be unwilling to absorb an extremely poor country and pay for it (see the painful experience of Germany's unification).

There is probably no off ramp that exists unless people are willing to let the elite walk away clean from the situation in one way or another, and it seems hard to imagine such a future.

And if you are a North Korean elite and you are allowed to travel to northern China, you will see a place where things are running more smoothly, but you're still going to see places with massive amounts of internal controls and restrictions. So who's offering the upside to some regime change here?

brabel · 12h ago
> see the painful experience of Germany's unification

I had thought that Germans from both sides were overwhelmingly supportive of re-unification, even if it would cause short-term pain??

jonasdegendt · 11h ago
It's my understanding there were plenty of USSR nostalgics in the east given how long it took for the free market to "trickle down" and the east to catch up economically. They never did catch up all the way anyway.
ViktorRay · 6h ago
Today the areas that were previously controlled by East Germany overwhelmingly vote for right wing parties though.

I believe the AfD political party in Germany won significant support in those areas of Germany that were once behind the Iron Curtain.

immibis · 5h ago
Yes, they won control of an entire state and almost won another.

People vote far right because they're fed up with the status quo, and perceive the far right can't be that much worse when everything is already so bad. Politicians who are not far right would do well to take this into account in their politics. Sadly, they don't, and history repeats.

doikor · 16h ago
For the first couple decades while it was ahead of South Korea economically (in large part due to support from China/USSR) it was not that bad, but during that time the system of absolute control by the Kim family was set up, and once it was up it is too late to really do anything due to how absolute/brutal the control is (you say anything wrong and you and your whole extended family end up in a prison/death camp).

Basically people are willing to put up with a lot if their lives are getting better (economic growth). Problem with that is what kind of system of control an authoritarian government can set up in that period of growth.

ryan-ca · 16h ago
Empiricism in the face of a totalitarian regime is difficult.
stogot · 17h ago
Less of brain control, and more like slaughter of anyone who disagrees or rolls their eyes. Read accounts of those who escaped
madmaniak · 12h ago
It's funny to say that because we're living in a bubble too.
the_af · 20h ago
What's surprising about this? It's not dissimilar to how the US behaves towards their less than savory strategic allies (or, historically, towards dictatorships as long as they were US-aligned).
wrp · 20h ago
Not saying it should be surprising. Just trying to answer the question.
thisislife2 · 16h ago
Exactly. It's the equivalent of something like western Five / Nine / Fourteen Eyes, that also share intelligence within the alliance.
ummonk · 20h ago
I don’t see any smoking gun here that would prevent the PRC from denying its involvement in these hacking efforts.
rr808 · 3h ago
Russia too after the public hand holding last week.
jmyeet · 23h ago
I don't think Chinese support for NK has ever been a secret any more than the US support for South Korea has. And it's in China's backyard so they've got way more of an excuse.

And if you think that doesn't matter, look at the Monroe Doctrine [1].

Taken further, the so-called Cuban Missile Crisis should really be called the Turkey Missile Crisis. The US (through NATO) placed Jupiter nuclear MRBMs in Turkey, only hundreds of miles from Moscow. The USSR responded by doing the exact same thing, by placing nuclear weapons in Cuba. And the US almost started World War 3 over it.

It was the USSR who stepped back from the brink and, as a result of a secret agreement, the Jupiter MRBMs were quietly removed from Turkey [2].

[1]: https://en.wikipedia.org/wiki/Monroe_Doctrine

[2]: https://www.wilsoncenter.org/blog-post/jupiter-missiles-and-...

veqq · 16h ago
> The USSR responded by doing the exact same thing

This paints it as tit for tat, but to avert invasion the Cubans asked for the missiles over a year later than the missiles were placed in Turkey. The resolution combined these separate issues.

churchill · 23h ago
Why is this comment downvoted? You have the right to see China, USSR and NK as immoral regimes but there's nothing non-factual here.
charonn0 · 23h ago
The topic is cybercrime and espionage, not nuclear brinksmanship or colonialism. Whatever parallels can be drawn don't seem to be very relevant, so the comment comes off as an attempt to deflect criticism.
kace91 · 23h ago
Maybe it wasn’t clear, but I think the comment is explaining the importance for superpowers of keeping their immediate surroundings politically aligned - China wants NK on their side for the same reason neither the US nor the USSR wanted nukes on their doorstep.

codpiece · 21h ago
It was still a fascinating aside, and it's not like HN stays on topic in a thread. I learned something today.
corimaith · 9h ago
I do wonder what's the state of history education today when one only learns a basic history event today, and through a layman's forum post which is surely going to have all the complete perspective as opposed to setting out an explicit agenda.
the_af · 20h ago
> The topic is cybercrime and espionage, not nuclear brinksmanship or colonialism.

Those are all closely related topics in geopolitics.

skinnymuch · 20h ago
You can’t separate colonialism and imperialism from Korea. As if any of us know what Korea would be doing if the west didn’t invade then sanction among other things.
corimaith · 9h ago
North Korea invaded South Korea after US pressured South Korea to disarm. North Korea was the imperialist actor here.
corimaith · 9h ago
The causality between missiles in Turkey causing the Cuban Missile Crisis is unsubstantiated by historical facts from the Soviets own perspectives.

It's more that Cuba requested nukes first, the USSR opportunistically took it, then, to resolve the crisis, they took that opportunity to remove the Turkish missiles. It wasn't really a tit for tat on the part of the USSR's intentions; Cuba was the primary agent here.

Not that it really mattered later on once ICBMs are developed.

jmyeet · 7h ago
From Khrushchev's own words (27 October 1962) [1]:

> Your missiles are located in Britain, are located in Italy, and are aimed against us. Your missiles are located in Turkey.

> You are disturbed over Cuba. You say that this disturbs you because it is 90 miles by sea from the coast of the United States of America. But Turkey adjoins us; our sentries patrol back and forth and see each other. Do you consider, then, that you have the right to demand security for your own country and the removal of the weapons you call offensive, but do not accord the same right to us? You have placed destructive missile weapons, which you call offensive, in Turkey, literally next to us. How then can recognition of our equal military capacities be reconciled with such unequal relations between our great states? This is irreconcilable.

According to General Boris Surikov [2]:

> 'Khrushchev and his Defence Minister, Rodion Malinovsky, were at Khrushchev's estate on the Black Sea. They went for a walk and Malinovsky pointed in the direction of Turkey and said: 'That's where the American rockets are pointing at us. They need only 10 minutes to reach our cities, but our rockets need 25 minutes to reach America.' Khrushchev thought for a while and then said: 'Why don't we instal our rockets in Cuba and point them at the Americans? Then we'll need only 10 minutes, too.'

This article goes on to quote the Soviet Ambassador to Cuba, Alexander Alexeyev, who was a direct witness and a go-between between Khrushchev and Castro:

> 'On 14 May 1962 I was called to a meeting of the Defence Council at the Kremlin. Khrushchev said, in effect: 'Comrades, I think it would be a good idea to instal rockets in Cuba. Do it clandestinely. I don't want it known in the US until November (after the mid-term Congressional elections). Alexander Alexeyev, how will Fidel react when we present him with our decision?'

[1]: https://microsites.jfklibrary.org/cmc/oct27/doc4.html

[2]: https://www.independent.co.uk/voices/the-cuban-missile-crisi...

corimaith · 3h ago
>From Khrushchev's own words (27 October 1962):

That doesn't refute anything; from his own words it is a justification as opposed to his primary goal to provide Cuba with defence here to deter a US invasion. As others have pointed out, the USSR was annoyed by these placements in Italy and Turkey earlier, but they did not declare war or start a crisis over it beforehand. It's more that Turkey was a bargaining chip here.

>>Our aim has been and is to help Cuba, and no one can dispute the humanity of our motives, which are oriented toward enabling Cuba to live peacefully and develop in the way its people desire.

You need to place here in context that the Jupiter missiles in Turkey were already obsolete but the US had the overwhelming advantage in a nuclear strike with their Atlas ICBMs in the USA at the time, while the USSR relied more on a fleet of intercontinental bombers that could be targeted by NORAD.

Removing nukes from Turkey did little to change the strategic calculus, but it did heavily deprive the USSR of an opportunity to change that calculus with Cuban nukes at the time, which was a major factor in Khrushchev's later removal from power.

tonyhart7 · 15h ago
In the intelligence and cybersecurity community these are well known facts.

After all, China is the first one that had an official military cyber unit (first in the world).

North Korea followed suit for monetary reasons and even has property (hotels etc.) on the Chinese mainland to run the operation from there.

As for China??? They basically have a "laundry" business that can take dollars from Korea in trade for supplies.

jamedjo · 9h ago
> Attribution Scenarios: Option A: DPRK Operator Embedded in PRC

> Use of Korean language, OCR targeting of Korean documents, and focus on GPKI systems strongly suggest North Korean origin.

I don't follow how needing OCR to read Korean documents points to them being North Korean?

Could also point in the opposite direction of them needing to copy the text for translation.

Thorrez · 9h ago
Their shell history shows them using OCR tools. AFAIK it doesn't show them using translation tools.
jamedjo · 8h ago
Fair, and it appears I missed the first part "Use of Korean language".

The OCR still tells us more about the target than the actor, but I guess they are suggesting the choice of target itself is the indicator.

tremon · 1d ago
> The dump also revealed reliance on GitHub repositories known for offensive tooling. TitanLdr, minbeacon, Blacklotus, and CobaltStrike-Auto-Keystore were all cloned or referenced in command logs.

What's the rationale for allowing the development of offensive tooling on github? Is this a free-speech thing, or are these repositories relevant for scientific research in some way?

StrauXX · 23h ago
They are heavily used in penetration tests and red teaming engagements. Banning such tools from the public just mystifies attackers' ways to defenders, while not in any way hindering serious malicious actors. We had that discussion back in the 90s and early 2000s.
freedomben · 23h ago
Agreed. Plus it's not always a clear line between offensive and legitimate usage. For many years nmap was banned on most corporate networks, but it's an invaluable tool for legitimate use too, despite being useful for offensive cases as well.
wkat4242 · 10h ago
It's mainly because nmap detection is a feature of most IDSes, so it's bound to raise some red flags.

Same with even doing packet sniffing. It can be detected when using Wireshark because it does reverse DNS lookups for each IP it sees in its default configuration.

I had legit reasons for it at work so I always mentioned it to the network guys before doing stuff like this. We also had a firewalled lab network. We did get some pushback once when some scans leaked out to the office network. But it was their fault for having the firewall open.
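
An added example, not from the article or from anyone in this thread: a toy version of the two IDS-style heuristics the comment above alludes to, a port-scan detector (one source touching many distinct destination ports within a short window) and a reverse-DNS burst detector (one client issuing many PTR queries in quick succession, the pattern a default Wireshark session produces). Both run over constructed log lines; the log formats, addresses, window sizes and thresholds are all invented for illustration and would be tuned to a real sensor's output.

```python
"""Toy IDS heuristics for port scans and reverse-DNS bursts (added example).

The log formats below are constructed for this illustration and are not
any real IDS or sensor format.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed connection log: "<ISO time> <src> <dst> <dport> <proto>".
# 10.0.0.5 probes eleven ports on one host within four seconds (scan-like);
# 10.0.0.7 makes two ordinary HTTPS connections five minutes apart.
CONN_LOG = """\
2025-09-06T10:00:00 10.0.0.5 10.0.0.20 22 tcp
2025-09-06T10:00:00 10.0.0.5 10.0.0.20 80 tcp
2025-09-06T10:00:01 10.0.0.5 10.0.0.20 443 tcp
2025-09-06T10:00:01 10.0.0.5 10.0.0.20 3389 tcp
2025-09-06T10:00:01 10.0.0.5 10.0.0.20 8080 tcp
2025-09-06T10:00:02 10.0.0.5 10.0.0.20 8443 tcp
2025-09-06T10:00:02 10.0.0.5 10.0.0.20 5900 tcp
2025-09-06T10:00:03 10.0.0.5 10.0.0.20 445 tcp
2025-09-06T10:00:03 10.0.0.5 10.0.0.20 139 tcp
2025-09-06T10:00:03 10.0.0.5 10.0.0.20 21 tcp
2025-09-06T10:00:04 10.0.0.5 10.0.0.20 23 tcp
2025-09-06T10:00:05 10.0.0.7 10.0.0.20 443 tcp
2025-09-06T10:05:00 10.0.0.7 10.0.0.21 443 tcp
"""

# Constructed DNS query log: "<ISO time> <client> <qtype> <qname>".
# 10.0.0.9 fires six PTR lookups in two seconds (sniffer-like name resolution).
DNS_LOG = """\
2025-09-06T10:00:00 10.0.0.9 PTR 20.0.0.10.in-addr.arpa
2025-09-06T10:00:00 10.0.0.9 PTR 21.0.0.10.in-addr.arpa
2025-09-06T10:00:00 10.0.0.9 PTR 22.0.0.10.in-addr.arpa
2025-09-06T10:00:01 10.0.0.9 PTR 23.0.0.10.in-addr.arpa
2025-09-06T10:00:01 10.0.0.9 PTR 24.0.0.10.in-addr.arpa
2025-09-06T10:00:01 10.0.0.9 PTR 25.0.0.10.in-addr.arpa
2025-09-06T10:00:02 10.0.0.9 A example.com
2025-09-06T10:00:02 10.0.0.7 A example.org
2025-09-06T10:00:30 10.0.0.7 PTR 20.0.0.10.in-addr.arpa
"""


def _parse(text, fields):
    """Split whitespace-separated log lines into dicts; field 0 is an ISO timestamp."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if not parts:
            continue
        rec = dict(zip(fields, parts))
        rec["ts"] = datetime.fromisoformat(parts[0])
        events.append(rec)
    return sorted(events, key=lambda e: e["ts"])


def _peak_in_window(evs, window, distinct_key=None):
    """Sliding window over time-sorted events: the largest number of events
    (or of distinct distinct_key(event) values) falling inside any span
    no longer than `window`."""
    peak = start = 0
    for end in range(len(evs)):
        while evs[end]["ts"] - evs[start]["ts"] > window:
            start += 1
        span = evs[start:end + 1]
        size = len({distinct_key(e) for e in span}) if distinct_key else len(span)
        peak = max(peak, size)
    return peak


def detect_port_scans(log_text, window=timedelta(seconds=10), min_ports=10):
    """Return {src: peak distinct (dst, dport) count} for sources that reach
    min_ports distinct targets inside a single window."""
    per_src = defaultdict(list)
    for e in _parse(log_text, ("time", "src", "dst", "dport", "proto")):
        per_src[e["src"]].append(e)
    alerts = {}
    for src, evs in per_src.items():
        peak = _peak_in_window(evs, window, lambda e: (e["dst"], e["dport"]))
        if peak >= min_ports:
            alerts[src] = peak
    return alerts


def detect_ptr_bursts(log_text, window=timedelta(seconds=5), min_queries=5):
    """Return {client: peak PTR query count} for clients issuing min_queries
    reverse lookups inside a single window."""
    per_client = defaultdict(list)
    for e in _parse(log_text, ("time", "client", "qtype", "qname")):
        if e["qtype"] == "PTR":
            per_client[e["client"]].append(e)
    alerts = {}
    for client, evs in per_client.items():
        peak = _peak_in_window(evs, window)
        if peak >= min_queries:
            alerts[client] = peak
    return alerts


if __name__ == "__main__":
    print("port-scan alerts:", detect_port_scans(CONN_LOG))
    print("PTR-burst alerts:", detect_ptr_bursts(DNS_LOG))
```

The window matters as much as the threshold: 10.0.0.7 also touches two distinct targets, but five minutes apart, so it only trips the scan heuristic if the window is widened to cover both connections. Real sensors add allow-lists for known scanners and monitoring hosts, which is the "tell the network guys first" step in the comment.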

randall · 20h ago
One time I ran nmap against my dev box at Facebook. I was definitely worried someone was going to give me a stern talking to.
varenc · 19h ago
I ran 'neoprint.php' on myself at Facebook in 2007 and immediately got a stern email about it... It was some script that collected info for responding to law enforcement requests. But after chastising me, the email said "I was gratified that you ran it on yourself". (as opposed to snooping on someone else!)

It was just a summer internship and FB was like 'only' 80 engineers back then. But they still took it seriously.

Thorrez · 9h ago
I think that's a little different. It sounds like neoprint.php is an internal Facebook tool for looking up data on Facebook users. So improper usage of it is a privacy problem for users. It's something misbehaving employees might run against celebrities, exes, etc. (e.g. https://www.gawkerarchives.com/5637234/gcreep-google-enginee... )

Otoh nmap isn't a privacy problem for users of Facebook (or any other tech company).

SoftTalker · 19h ago
I use nmap routinely at work to see what’s on a subnet, has anything new appeared, or where it should not be.
bravetraveler · 16h ago
+1. If I can't run nmap or netcat, or have to justify it each time, I can't do my job. Better off elsewhere.

I've departed early at least twice over this. Draconian IT serves nobody. Been doing this long enough I deliberately poke any new employer; see what's in store.

Nobody cares, though. EDR appliances sell without careful administration. The industry will outlive us all.

hsbauauvhabzb · 19h ago
While that may be true, it’s less true for things like cobalt strike. I’m not saying that banning tooling would be a good thing, but it’s a bad argument to compare Nmap to remote access tools.
freedomben · 18h ago
I don't disagree, but GP is asking about all offensive tools, not just Cobalt strike. IMHO a platform like GitHub should not be picking and choosing which projects are offensive enough to remove. Yes, there are some tools that are pretty clearly more offensive than others, but creating a policy would not be clear-cut
wkat4242 · 10h ago
Cobalt strike is just an automated script kiddie really. It's a way for red teamers to catch low hanging fruit. And because of that, there's not so much low hanging fruit anyway.
laveur · 23h ago
I think they get heavily used by security researchers, and other people that do regular Penetration Testing.
awesome_dude · 20h ago
Isn't Github supposed to be blocking sanctioned countries, like Iran, and North Korea?

https://docs.github.com/en/site-policy/other-site-policies/g...

throwaway2037 · 18h ago
About Iran & GitHub:

https://docs.github.com/en/site-policy/other-site-policies/g...

> GitHub now has a license from OFAC to provide cloud services to developers located or otherwise resident in Iran. This includes all public and private services for individuals and organizations, both free and paid.

> GitHub cloud services, both free and paid, are also generally available to developers located in Cuba.
overfeed · 19h ago
Do you have any reason to suspect GitHub isn't blocking those countries? How long do you think an offensive-security sponsor/passport-issuing nation might take to get around GitHub IP-blocks?
dmoy · 19h ago
Right exactly. The only way IP blocks work is if there's no vulnerable machines to take over anywhere. That is - it basically doesn't work for any motivated attacker.

You could hypothetically make it work, but it would mean an extremely different Internet and device landscape than exists today. (And even then I doubt it stops a nation-state level attacker, they can always use old fashioned espionage to get someone in meat space and get around any technical barrier)

traverseda · 23h ago
What alternative do you suggest?

Pocomon · 21h ago
> The leaked dataset attributed to the “Kim” operator offers a uniquely operational perspective into North Korean-aligned cyber operations.

It's puzzling why the NORC hackers didn't use a nearest neighbor hack rather than leaving a trail of bread crumbs all the way back to Pyongyang ;)

wkat4242 · 10h ago
Sometimes sending a message is part of the point. And you still have plausible deniability anyway "it was a false flag booo".

The Russians do this a lot. It's the kind of attack where they want everyone to know they are doing it, without telling you they are behind it and denying it in all colours.

aussieguy1234 · 22h ago
That's a fairly detailed analysis of an APT workflow.

Now, non-APT actors, if they wanted to up their level of sophistication, might replicate some of these workflows for their own nefarious activities.

awesome_dude · 20h ago
There's always a risk of openness creating copycats, but there's also the fact that informed decisions can now be made by people who need to mitigate against these malicious actors.

There's no way to only give the information to one group without the other group getting their hands on it.

fragmede · 20h ago
There's levels between not sharing it with anybody, and dumping it up on the public web for everyone to see. There are private disclosure lists they could have used, if they wanted to.
sim7c00 · 14h ago
Interesting stuff, but the China angle is a bit overstated with option A/B.

It could simply be that the guy maintains presence there because he has access. NK has no public internet, so he might simply enjoy internet access -_- rather than necessarily either pretending to be Chinese or working for them...

jmyeet · 23h ago
So this is interesting from a technical perspective. Some of this infrastructure is used by pen testers and the likes, which just goes to show that there is no such thing as a defensive weapon. I'll let you ponder why that might be pertinent.

Unfortunately, it quickly turns into a discussion of how bad NK and China are and how China shouldn't support NK (because, again, they're bad).

I'll offer two words to expose the hypocrisy of this: Stuxnet, Pegasus.

p0w3n3d · 2h ago
This is some clickbait. At least to me. I've recently read an article that when Kim Jong Un takes a dump he does it in a N. Korea secret service owned toilet that is always dragged along with him. Hence "Kim dump" sounds really... Physical...