19.09.2025
3 min
587
An unknown hacking group has claimed to have hacked SK Telecom (SKT), one of South Korea’s largest telecommunications and industrial giants. They say the company’s systems were compromised with source code for internal projects, Docker configs, and AWS keys. This is the second major incident in a year, following the Qilin attack in April.
According to the investigation, the attackers gained access to corporate repositories through a hacked employee’s Bitbucket account. Among the projects that the attackers may have infiltrated:
skt-user-syncer
SKCarAuth
SKCrashLogger
SK_AQI_DAEMON
Researchers note that the code leak itself does not provide access to passwords or keys in combat environments. At the same time, analyzing these files can help find vulnerabilities for future attacks, as well as lead to intellectual property theft if third-party companies use someone else’s code.
SK Telecom is part of SK Group, the second largest chaebol in South Korea after Samsung. The company manages more than 175 subsidiaries with more than 80,000 employees in various sectors: telecom, energy, semiconductors, biotechnology, electric vehicle batteries. In the US alone, SK has invested more than $ 50 billion in investments in 20 states.
In April 2025, SK Telecom was already attacked by Qilin ransomware, which paralyzed work and led to the leakage of 1 TB of data. Then the company was even forced to suspend new connections and launch a mass replacement of SIM cards for customers.
A new leak from Bitbucket highlights the vulnerability of even giants like SK Telecom. While user data is currently secure, hackers can use the obtained code to find new loopholes and launch further attacks. The situation demonstrates that even Fortune 100 companies remain attractive targets for cybercriminals, especially in the face of fierce competition in the telecommunications and artificial intelligence sectors.
