Tag Archive for: dprk

DPRK hackers used an unknown Internet Explorer bug to attack security analysts

/in


News Highlights: DPRK hackers used an unknown Internet Explorer bug to attack security analysts

.

Days after Google disclosed a cyber campaign, South Korean company finds criminals who used zero-day in Internet Explorer

Hackers previously linked to North Korea by Google researchers used an unknown vulnerability in Internet Explorer to target cybersecurity experts, a South Korean company said.

Two weeks ago, Google’s Threat Analysis Group (TAG) shocked the cybersecurity community by revealing a month-long social engineering campaign in which hackers posed as fellow security researchers, tricking targets into collaborating on projects and viewing their blog. When researchers visited the website, a previously undiscovered zero-day vulnerability in Chrome infected some users with malware.

The same hackers Google attributed to the Lazarus Group linked to North Korea, too

Read more from Source
Copyright @ www.nknews.org

  • Check the latest Hacking news updates and information.
  • Please share this news DPRK hackers used an unknown Internet Explorer bug to attack security analysts with your friends and family to support us your one share helps us a lot.
  • Follow us on Facebook and Twitter if you need more updates like this.
Compsmag is supported by its audience. When you buy through links on our website, we may earn an affiliate commission fee. Learn more

Source…

DPRK hackers ‘likely’ hit researchers with Chrome exploit

/in


Microsoft

Today, Microsoft disclosed that they have also been monitoring the targeted attacks against vulnerability researchers for months and have attributed the attacks to a DPRK group named ‘Zinc.’

Earlier this week, Google disclosed that a North Korean government-backed hacking group has been using social networks to target security researchers.

As part of the attacks, the threat actors would ask researchers to collaborate on vulnerability research and then attempt to infect their computers with a custom backdoor malware.

Microsoft tracks hacking group as ZINC

In a new report, Microsoft states that they too have been tracking this threat actor, who they track as ‘ZINC,’ for the past couple of months as the hackers target pen testers, security researchers, and employees at tech and security companies. Other researchers track this hacking group under the well-known name ‘Lazarus.’

“In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. The campaign originally came to our attention after Microsoft Defender for Endpoint detected an attack in progress. Observed targeting includes pen testers, private offensive security researchers, and employees at security and tech companies.”

“Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to ZINC, a DPRK-affiliated and state-sponsored group, based on observed tradecraft, infrastructure, malware patterns, and account affiliations,” the Microsoft Threat Intelligence Center team disclosed in a new report.

Based on Microsoft’s research, the ZINC actors began operating in mid-2020 by building online Twitter security researcher personas by retweeting security content and posting about vulnerability research. 

The threat actors’ would then amplify these tweets using other sock-puppet Twitter accounts under their control. This tactic allowed the group to build a reputation in the security vulnerability research space and build a following that included “prominent security researchers.”

Twitter activity by ZINC threat actors
Twitter activity by ZINC threat actors
Source: Microsoft

As part of their attack, the ZINC actors would contact researchers to collaborate on vulnerability and exploit…

Source…

UN expert spotlights ‘abysmal’ human rights situation in DPR Korea – UN News Centre

/in

22 October 2009 – The human rights situation in the Democratic People’s Republic of Korea (DPRK) remains “abysmal” as a result of the repressive nature of the ruling regime, the independent United Nations expert monitoring the situation in …

Read more