Hacker News new | ask | show | jobs
by danielvf 406 days ago
I am saying they are both a credible threat and many are amateurs. Those are not mutually exclusive.

You are talking about North Korea attackers from a theoretical point of view. For many people dealing with them is just a normal part of work. It's not an unknown that needs to be worked out logically from an armchair.

I'm saying this as someone who personally chatted with a North Korea persona that later tried to drop exploits on people, and the persona belonged to hacking group with at least one 50 million dollar heist. I've also seen the screenshots on many chats with North Koreans.
1 comments
the_af 406 days ago
I don't consider screenshots evidence of anything, so I'll completely disregard that bit.

I'm curious about your personal experience though. Did you try this tactic, and did it work? And how sure are you these weren't random hackers or trolls, but actual NK agents?

> many are amateurs

So basically this would only get rid of the amateurs, low hanging fruit that would have been caught soon enough anyway, and do a "natural selection" of only the non-stupid NK hackers to infiltrate your org?

link
danielvf 406 days ago
> And how sure are you these weren't random hackers or trolls, but actual NK agents?

"Agents" is way too big of a word. Just cogs in a corporate theft machine.

There's a lot of reasons I'm sure, but the biggest is because before a hack they asked for help doing something simple with a crypto address that was later used to test run the 50 million dollar theft that was North Korea. And also trying to drop North Korean linked malware is another data point.

This also hits my point about both dangerous and amateurs. They pulled off pretty sophisticated heist but, had to ask for help, asked for help using a crypto address tied to the theft, and blew the cover on an identity they had been building up for a year.

Here's a twitter thread I put together of both my conversation and others with this particular account:

https://x.com/danielvf/status/1905642180749775189

link
the_af 406 days ago
Thanks for the reply, I'll take a look!

Do you think asking them to say something offensive about Kim Jong Un would have outed them?

link