Vulnerability Researchers Hit by North Korean Hackers

/in


Application Security
,
Containerization & Sandboxing
,
Cybercrime

Google Warns Social Engineering Attacks Have Been Backdooring Researchers’ Systems

Mathew J. Schwartz (euroinfosec) •
January 26, 2021    

Vulnerability Researchers Hit by North Korean Hackers
Tweets used by attackers to demonstrate previous “exploits” they’d discovered (Source: Google)

North Korean hackers have been “targeting security researchers working on vulnerability research and development at different companies and organizations” to trick them into installing backdoored software.

See Also: Rapid Digitization and Risk: A Roundtable Preview


So warns Google’s Threat Analysis Group in a Monday blog post detailing what it says is a months-long attack campaign that has already notched up multiple victims.


The campaign traces to “a government-backed entity based in North Korea,” which has used a variety of techniques to trick researchers, Google warns. “We hope this post will remind those in the security research community that they are targets to government-backed attackers and should remain vigilant when engaging with individuals they have not previously interacted…

Source…