[Weekend Briefing] Taiwanese intelligence agency allegedly hacked

By Dain Oh and Kuksung Nam, The Readable
Jan. 20, 2023 8:22PM KST

“Weekend Briefing” is a weekly newsletter that is sent to The Readable’s subscribers every Friday. Cybersecurity journalists for The Readable carefully select important news stories from the previous week and deliver them in a compact form. Topics encompass cybercrime, geopolitics, and privacy. There are no costs involved with a subscription, and some content, such as the monthly ransomware index report, is only available to those who subscribe to our newsletters.

Hello! This is Dain Oh and Kuksung Nam in South Korea. For the last few weeks, we have prepared a special report on our cybersecurity forecast for 2023. We have collected dozens of quality reports which analyzed cyberattacks last year and attempted to predict major threats this year. Our report “2023 Security Outlook” is the final outcome of the weeks’ efforts of reviewing a large volume of information and extracting key messages from it. This will be separately published from the weekend briefing. Please visit our website to read the special report.

Along with our special report, The Readable has picked three news stories that were notable this week. If you have further questions or inquiries, do not hesitate to contact us. Have a great weekend!

1. Taiwanese intelligence agency allegedly hacked

A sample file that a dark web user “niceday009” uploaded onto BreachForums. Source: BreachForums

Internal documents of the Taiwanese intelligence agency have allegedly been exposed to cybercriminals and have been put up for sale on an underground forum. On January 11, a dark web user “niceday009” uploaded a series of documents, which the user claimed were stolen from the Taiwanese intelligence agencies, onto BreachForums, where users buy and sell illicitly obtained databases. The 10 gigabytes of data were priced at $150,000.

The user wrote in the sales post that the data includes confidential files of the Taiwanese intelligence agencies, such as sensitive information about their agents and activities, along with the internal information about international cooperation. In a sample file that the user provided as a way to prove the authenticity of the database, personal information about a specific person was indicated, such as family background, personality traits, and political orientation.

Another sample file by “niceday009.” There have been several updates to the original post by the user who claimed that the leaked data has been purchased by other users. Source: BreachForums

According to the Liberty Times, a national newspaper published in Taiwan, the law enforcement of Taiwan acknowledged the incident on January 16 and started an investigation, without disclosing further details. Although there have been several updates to the original post by niceday009, the authenticity of the material has not been verified yet.

“It is very new to see that these dark web actors target Taiwan’s intelligence agencies,” said a cybersecurity researcher who is based in Taiwan and asked to remain anonymous to The Readable. “This threat [by niceday009] has been considered seriously in the Taiwanese cybersecurity industry. The actor claimed that the leaked data has been purchased and he or she prepared the second exposure of leaked data,” added the researcher.

YouTube Channel of popular South Korean YouTuber was hacked on Tuesday. The channel was restored two days later. Source: The Readable

Hackers are targeting not only social media accounts of political figures and organizations, but also the accounts and channels of influencers and popular YouTubers. The YouTube channel of South Korean YouTuber with more than 10.8 million subscribers was hacked on Tuesday.

The profile picture, which was once a caricature of the YouTuber herself, was changed to one showing a red and white Tesla logo, according to multiple reports by local news outlets. The name of the channel was changed to “Tesla.” All the videos were deleted and replaced, which appeared to be the three identical live stream videos of Tesla CEO Elon Musk.

The hacked YouTube channel was fixed two days later. The YouTuber uploaded a new video on her restored channel Thursday and left a notice in the comment section, saying that the hacking incident occurred through nothing more than her own carelessness.

3. Ransomware attacks rose 14 times over five years

Designed by Sangseon Kim, The Readable

The number of South Korean companies who reported to the nation’s cybersecurity agency about falling victim to ransomware attacks has increased 14 times over the past five years.

In 2018, 22 South Korean companies, including non-profit organizations, reported to the Korea Internet & Security Agency that they had been hit by ransomware, a cyberattack in which attackers hold victims’ information as hostage through encryption until they are paid.

The cases of ransomware reported to the cybersecurity agency rose gradually, reaching 325 cases last year, which is the highest level in the last five years. South Korean lawmaker Park Wan-joo disclosed this data on Sunday after he had received it from the Ministry of Science and ICT. To read the original reporting, click here.

4. [2023 Security Outlook] 10 Keywords that will dominate threat landscape

Designed by Areum Hwang, The Readable

As a global news outlet which specializes in cybersecurity, The Readable has reviewed dozens of forecast reports published by diverse organizations regarding the threat landscape this year. Out of various topics that were covered in those reports, The Readable has extracted 10 keywords that are most frequently mentioned and expected to dominate the field of information security in the upcoming months.

For each keyword, we have provided the definition, along with the sources that emphasized the significance of the subject. In addition, the reporters and researchers at The Readable, based on their expertise, have individually picked two keywords that are considered to be some of the most menacing threats in 2023 and elaborated the reasons for their choices. At the bottom of this report, there are links to the original reports for readers who may need additional research. Please visit our website to read the special report.


The cover image of this article was designed by Areum Hwang.

Dain Oh is an award-winning cybersecurity journalist based in South Korea and the founding editor-in-chief of The Readable by S2W. Before joining S2W, she worked as a reporter for The Electronic Times, the top IT newspaper in Korea, covering the cybersecurity industry on an in-depth level. She reported numerous exclusive stories, and her work related to the National Intelligence Service led to her being honored with the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology in a unanimous decision. She was also the first journalist to report on the hacking of vulnerable wallpads in South Korean apartments, which later became a nation-wide issue.

Kuksung Nam is a cybersecurity journalist for The Readable. She covers cybersecurity issues in South Korea, including the public and private sectors. Prior to joining The Readable, she worked as a political reporter for one of the top-five local newspapers in South Korea, The Kyeongin Ilbo, where she reported several exclusive stories regarding the misconduct of local government officials. She is currently focused on issues related to anti-fraud, as well as threats and crimes in cyberspace. She is a Korean native who is fluent in English and French, and she is interested in delivering the news to a global audience.