Cybersecurity News that Matters

[Weekend Briefing] New beginnings

Illustration by Areum Hwang, The Readable

by Dain Oh

Nov. 29, 2024
5:56 PM GMT+9

“Weekend Briefing” is a weekly newsletter sent to subscribers of The Readable every Friday. Our journalists select important news items from the previous week on topics ranging from privacy to policy development in cybersecurity, all to help you stay abreast of the latest breaking issues. And not only is this provided free of cost to our subscribers, but the briefing contains new content exclusive to subscribers, such as our insightful industrial reports.


In March, Minkyung Shin joined The Readable as a reporting intern. Over the past nine months, she has investigated domestic and international cybersecurity stories, conducting interviews with sources including police officers, government officials, scholars, and diplomats. Her dedication to journalism has led to the publication of more than 70 news articles, a number that exceeds 90 when accounting for her indirect contributions to other stories published by The Readable.

Today marks Shin’s final day with our team. On behalf of everyone at The Readable, I want to thank her for the outstanding performance she has demonstrated during her time with us. Below, I’ve highlighted some of her best work.

This week brought an announcement on cyber threat predictions for 2025, along with several notable developments in the field of cybersecurity. Our team has summarized the key points for your reference.

This is Dain Oh reporting from South Korea, and here is your weekend briefing.

1. [Perspective] Deepfake crimes are an ongoing social issue

Minkyung Shin, intern journalist at The Readable. Photo provided by Minkyung Shin. Illustration by Areum Hwang, The Readable

In July, I reported on deepfake crimes and emerging forms of cyberbullying in schools. That article highlighted data from the Seoul Metropolitan Police Agency, which revealed that 63.1% of school violence cases involved cybercrime. These included incidents where deepfake technology was used to create and distribute fake images and videos.

Content abuse has been a serious problem in schools since my high school days. I was deeply shocked, and I struggled to come to terms with acts of voyeurism and the manipulation of photos—splicing someone’s image with nude pictures—for that purpose. Back then, it was done using Photoshop for simple edits and splicing, rather than the advanced creation of deepfakes.

Today, artificial intelligence has become a highly sophisticated and easily accessible tool. While it offers convenience in work, learning, and many other areas of life, it also heightens the risk of criminal misuse. Teenagers are particularly vulnerable, as their familiarity with smartphones makes them potential targets for exploitation.

2. Digital violence escalates with tech-powered fake pornography

Last May, the Cybercrime Investigation Unit of the Seoul Metropolitan Police Agency announced the arrest of five individuals for illegally creating and distributing doctored pornographic images using photos of female acquaintances. Two of the offenders, both graduates of Seoul National University (SNU), took photos of 61 victims, including SNU alumni, from their personal social media accounts without consent. They manipulated these photos by combining them with explicit content to create over 400 doctored images, distributing them through a private Telegram channel.

As digital technology advances rapidly, the scale of digital sexual crimes is expanding across online platforms. Deepfake sex crimes, where victims are easily targeted through social media or the internet and their images are manipulated into explicit photos or videos, are becoming increasingly serious. The Readable has conducted multiple interviews with law enforcement agencies and civil organizations that are closely monitoring these crimes.

3. Abuse of Telegram’s AI Bot fuels rise in online deepfake pornography

Telegram’s artificial intelligence bot, a core feature of the popular messaging app, is being misused to generate deepfake pornography. In response to this alarming trend, South Korean police and the Ministry of Education have formed a task force to investigate and tackle the problem.

On Wednesday, the Cybercrime Investigation Unit of the Seoul Metropolitan Police Agency announced that it has initiated investigations into eight Telegram AI bots used to illegally edit and create fake nude photos. This announcement came just a day after the police agency revealed a broader crackdown on crimes involving deep learning and AI to produce fake pornographic images and videos.

According to a police officer from the Cybercrime Investigation Unit of the Seoul Metropolitan Police Agency, who requested to remain anonymous, the Telegram bot, known simply as “Telegram bot,” is a program that can create fake pornography by editing ordinary photos with nude images.

4. AhnLab announces top five cybersecurity threat predictions for 2025

AhnLab (CEO Sukkyoon Kang), a leader in cybersecurity, announced its top five predictions for cybersecurity threats expected to emerge in 2025. The predictions span the cybersecurity industry and include:

  1. Surge in AI-powered attacks
  2. Rise of software supply chain attacks
  3. Cloud and IoT-driven attack surface expansion
  4. Increase in cyber warfare and hacktivism
  5. Evolution of ransomware attackers

“The 2025 cybersecurity landscape will become much more complex and challenging due to advancements in AI technology and the expansion of cloud infrastructure and IoT,” said Hayoung Yang, Head of AhnLab Security Intelligence Center (ASEC). “Both organizations and individuals must shift from reactive measures to a prevention-focused approach, practicing daily cybersecurity protocols to stay ahead of emerging threats,” he added.

5. Bestselling author arrested for extortion and hacking threats – South Korea’s Kukmin Ilbo

A 33-year-old bestselling author, identified by the surname Lee, was arrested on Nov. 27 for allegedly attempting to extort a major South Korean law firm. Lee is accused of threatening to release hacked internal documents unless he was paid 30 bitcoins, valued at approximately 3.3 billion won. The Seoul Seocho Police apprehended him at Incheon International Airport after his extradition through Interpol.

Lee is accused of working with the hacking group “Trustman0” to steal data used to extort the law firm in August. After fleeing to Southeast Asia, he allegedly continued to issue threats via his YouTube channel, specifically targeting the firm’s lead attorney. Lee is also suspected of leaking data from another law firm, which was reportedly hacked by “Trustman0.”

Beyond his hacking-related crimes, Lee ran a cryptocurrency consulting firm and engaged in fraudulent promotional schemes. He purchased a YouTube account with 5.5 million subscribers to market his books and used illegal automation tools to spam promotional content across various online platforms. Investigators are continuing to examine the extent of his activities.

6. Exxon lobbyist investigated over hack-and-leak of environmentalist emails, sources say – Reuters

The FBI is investigating an alleged hack-and-leak scheme in which mercenary hackers targeted environmental activists and critics of Exxon Mobil. The operation, reportedly orchestrated by the lobbying firm DCI Group on behalf of Exxon, began in 2015 and involved using stolen emails to undermine legal actions against the company. Israeli private investigator Amit Forlit, hired by DCI, allegedly outsourced the hacking to Aviram Azari, who pleaded guilty in 2022 to crimes including wire fraud and hacking. The stolen documents were then leaked to the media to discredit activists and strengthen Exxon’s legal defense against climate-related lawsuits.

The hacking campaign disrupted preparations for lawsuits against Exxon by environmental groups and state attorneys general, which were modeled after litigation against the tobacco industry. Stolen data, including internal memos from activists, was used by Exxon’s lawyers to argue for dismissing lawsuits and alleging political bias. One prominent example was a Rockefeller Family Fund meeting memo, obtained through the hacks, which Exxon cited in court against New York’s attorney general. The operation, referred to as “Fox Hunt,” targeted more than 500 email accounts belonging to environmentalists and their associates between 2015 and 2018.

The FBI’s investigation into hacking-for-hire schemes underscores their potential to disrupt judicial processes. Although Exxon denies any involvement, its use of hacked documents in legal defenses has sparked concerns about suppressing the constitutional rights of activists. The case remains significant as related litigation proceeds, with critics accusing Exxon of employing cyberespionage to evade climate accountability.

7. Kitchener, Ont., man arrested in massive Snowflake hacking scheme faces possible extradition to U.S. – Canada’s CBC

Connor Moucka, a 25-year-old from Kitchener, Ontario, was arrested on Oct. 30 on charges related to a large-scale hacking scheme targeting at least 10 organizations, including the cloud storage provider Snowflake. U.S. authorities issued a warrant accusing Moucka of conspiracy, computer fraud, extortion, and identity theft. Moucka, who is linked to online aliases such as “waifu,” allegedly worked with John Binns, a hacker based in Turkey. The scheme reportedly extorted victims, obtaining 36 bitcoins (roughly $2.5 million at the time) from at least three organizations by exploiting stolen credentials to access Snowflake’s client data.

The investigation, led by cybersecurity firms Crowdstrike and Mandiant Consulting, revealed that the attackers accessed Snowflake environments using stolen login credentials from compromised contractor systems. This breach allowed the hackers to download sensitive data and demand ransoms from victim organizations. Snowflake launched an internal investigation in April after discovering the breach, which potentially impacted 165 clients. Further investigations uncovered operational security lapses that ultimately led to the identification of Moucka, who may now face extradition to the U.S.

Moucka remains in custody, awaiting legal representation, as Canadian and U.S. authorities continue their confidential extradition discussions. This arrest has been hailed as a significant breakthrough by cybersecurity experts who contributed to the investigation.

8. South Korea and U.S. launch joint cybersecurity research initiative – South Korean government

The South Korean Ministry of Science and ICT announced on Nov. 27 that it has signed a Technical Annex (TA) with the U.S. Department of Homeland Security to initiate joint cybersecurity research. This collaboration will focus on tracking illegal digital asset transactions and identifying abnormal behavior in large crowds. These efforts align with South Korea’s designation of cybersecurity as one of its 12 national strategic technologies and its increased emphasis on international research partnerships to enhance global competitiveness.

The partnership builds on the “U.S.-ROK Strategic Cybersecurity Cooperation Framework” signed by the leaders of the two nations in April 2022. Esteemed research institutions, including South Korea’s ETRI (Electronics and Telecommunications Research Institute) and Korea University, as well as the U.S.’s MITRE, RAND Corporation, and MIT Lincoln Laboratory, will participate. The collaboration aims to develop advanced cybersecurity solutions.

Minister Yoo Sang-im emphasized the need for international collaboration to combat the growing complexity of cyber threats in an increasingly interconnected world. He expressed hope that the joint efforts under the TA would enhance both nations’ ability to counter external cyber threats.


Editor’s note: The summaries of each article were created by ChatGPT 4o and reviewed by Dain Oh.
