APT Down and the mystery of the burning data centers
Contents
Christopher Kunz and Sylvester
In August 2025 Phrack published the dump of an APT member's workstation. It was full of exploits and loot from government networks, cell carriers and telcos.
The dump sparked a government investigation, and corpos like LG and Korea Telecom were asked to explain themselves. Hours before an onsite audit, the data center mysteriously caught fire, destroying almost a hundred servers. Then another data center burned - and unfortunately, there was even one death.
The talk aims to revisit this mysterious sequence of tragic incidents.
[TW: Suicide, self-harm]
In August 2025 Phrack published the dump of an APT member's workstation. The attacker was most likely Chinese, working on targets aligned with North Korea's doctrine. The dump was full of exploits, attacker tools and loot. Data from government networks, cell carriers and telcos, including server databases and loads or private keys stemming from the government PKI. The attacker had maintained a steady foothold …
In August 2025 Phrack published the dump of an APT member's workstation. It was full of exploits and loot from government networks, cell carriers and telcos.
The dump sparked a government investigation, and corpos like LG and Korea Telecom were asked to explain themselves. Hours before an onsite audit, the data center mysteriously caught fire, destroying almost a hundred servers. Then another data center burned - and unfortunately, there was even one death.
The talk aims to revisit this mysterious sequence of tragic incidents.
[TW: Suicide, self-harm]
In August 2025 Phrack published the dump of an APT member's workstation. The attacker was most likely Chinese, working on targets aligned with North Korea's doctrine. The dump was full of exploits, attacker tools and loot. Data from government networks, cell carriers and telcos, including server databases and loads or private keys stemming from the government PKI. The attacker had maintained a steady foothold …