North Korea Targets Security Researchers in Elaborate 0-Day Campaign
#1
Information 
Quote:Hackers linked to North Korea are targeting security researchers with an elaborate social-engineering campaign that sets up trusted relationships with them — and then infects their organizations’ systems with custom backdoor malware.
 
That’s according to Google’s Threat Analysis Group (TAG), which issued a warning late Monday about a campaign it has tracked over the last several months that uses various means to interact with and attack professionals working on vulnerability research and development at multiple organizations.
 
The effort includes attackers going so far as to set up their own research blog, multiple Twitter profiles and other social-media accounts in order to look like legitimate security researchers themselves, according to a blog post by TAG’s Adam Weidermann. Hackers first establish communications with researchers in a way that looks like they are credibly working on similar projects, then they ask them to collaborate, and eventually infect victims’ machines.
 
The infections are propagated either through a malicious backdoor in a Visual Studio Project or via an infected website, he wrote. And moreover, those infected were running fully patched and up-to-date Windows 10 and Chrome browser versions — a signal that hackers likely are using zero-day vulnerabilities in the campaign, the researcher concluded.
 
TAG attributed the threat actors to “a government-backed entity based in North Korea.”
“They’ve used these Twitter profiles for posting links to their blog, posting videos of their claimed exploits, and for amplifying and retweeting posts from other accounts that they control,” according to the post. “Their blog contains write-ups and analysis of vulnerabilities that have been publicly disclosed, including ‘guest’ posts from unwitting legitimate security researchers, likely in an attempt to build additional credibility with other security researchers.”

Read more: https://threatpost.com/north-korea-secur...ay/163333/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
NanaZip 6.5 Update (6.5.1767.0)
NanaZip 6.5 Update...harlan4096 — 19:15
Microsoft Edge 150 Adds Google Account S...
Microsoft has adde...harlan4096 — 10:26
Free Download Manager 6.34.2.6926
Changes in 6.34.2....harlan4096 — 09:37
Bitdefender 27.0.60.341
Latest version of ...harlan4096 — 09:34
Microsoft Edge 150.0.4078.48
Version 150.0.4078...harlan4096 — 09:33

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (47)dapedDow
avatar (49)TromPerl
avatar (46)RidgeDimb
avatar (37)ipumaqar
avatar (51)tanliorsPeri
avatar (43)lapedDow
avatar (49)rituabew
avatar (37)omyjul
avatar (41)papedDow
avatar (50)ArnoldFum
avatar (38)yfaza
avatar (49)Kevensi
avatar (48)ConradRoand
avatar (39)boineDon
avatar (51)spoofTum
avatar (50)WillieVot
avatar (40)Grompelbawn
avatar (41)vkseogaF
avatar (37)usogy
avatar (40)ywixazok
avatar (38)ixoqe
avatar (56)Step 1
avatar (36)pa.OpenTran

[-]
Online Staff
There are no staff members currently online.

>