
Risky Business #804 -- Phrack's DPRK hacker is probably a Chinese APT guy
Aug 27, 2025

Greg Bell, Chief Strategy Officer at Corelight, dives into the intriguing intersection of AI and network security. He explains how AI is streamlining the analysis of packet logs, making cybersecurity investigations more efficient. The discussion veers into the complexities of hacking attributions, particularly the mislabeling of perpetrators, such as a supposed DPRK hacker likely being Chinese. Additionally, advanced techniques for embedding covert instructions in digital media hint at the evolving challenges in cybersecurity. It's a riveting look at the future of data security!
Downstream Compromise Amplifies Risk
- China‑linked APTs favor supply‑chain‑style access, compromising service providers and chaining Citrix zero‑days to reach downstream customers. Adam Boileau warned that fresh Citrix NetScaler RCEs amplify that risk.
Young Operator Behind Large DDoS‑For‑Hire
- U.S. prosecutors charged a 22‑year‑old Oregon man for running Rappabot, a large botnet‑for‑hire able to deliver multi‑terabit DDoS attacks. Adam Boileau noted the botnet's scale and commercialization as typical of Mirai‑style operations.
Scattered Spider Member Gets Ten Years
- 'King Bob' (Noah Michael Urban) received a 10‑year federal sentence for SIM‑swap crypto theft and related hacking. Patrick Gray and Adam Boileau discussed his wider role in stealing unreleased music and the judge's reaction after a court email hack.
