Vulnerability Researchers Hit by North Korean Hackers

Application Security
Containerization & Sandboxing

Google Warns Social Engineering Attacks Have Been Backdooring Researchers’ Systems

Vulnerability Researchers Hit by North Korean Hackers
Tweets used by attackers to demonstrate previous “exploits” they’d discovered (Source: Google)

North Korean hackers have been “targeting security researchers working on vulnerability research and development at different companies and organizations” to trick them into installing backdoored software.

See Also: Rapid Digitization and Risk: A Roundtable Preview

So warns Google’s Threat Analysis Group in a Monday blog post detailing what it says is a months-long attack campaign that has already notched up multiple victims.

The campaign traces to “a government-backed entity based in North Korea,” which has used a variety of techniques to trick researchers, Google warns. “We hope this post will remind those in the security research community that they are targets to government-backed attackers and should remain vigilant when engaging with individuals they have not previously interacted…