Slow Fog CISO: Suspected members of the North Korean hacker group Kimsuky APT suffer massive data leak

ChainCatcher news, Slow Mist's Chief Information Security Officer 23pds tweeted, "A member of the suspected North Korean hacker group Kimsuky APT has encountered a significant data breach, leaking hundreds of GB of internal files and tools. The intrusion likely occurred in early June 2025, exposing the organization's complex backdoors, phishing frameworks, and reconnaissance operations. According to the analysis of the leaked files, the internal dumps originated from two compromised systems belonging to a Kimsuky operator codenamed 'KIM'. One is a Linux development workstation running Deepin 20.9; the other is a publicly accessible VPS used for spear-phishing activities."