Saturday, February 20, 21:07

Google: North Korean hackers target security researchers via social media

Google has released a report revealing that North Korean hackers are using social media to target security researchers involved in vulnerability research. The attacks were detected by Google Threat Analysis Group (TAG), a Google security team that specializes in hunting APT hacking groups.


More specifically, Google reported that North Korean hackers used profiles on various popular social media platforms, such as Twitter, LinkedIn, Telegram, Discord and Keybase, to communicate with security researchers using fake personas. In some cases, the hackers even attempted to reach out to security researchers via email.


Adam Weidemann, a security researcher at Google TAG, said that after the hackers established initial communications, they asked the targeted researcher whether they wanted to collaborate on vulnerability research, and then provided the researcher with a Visual Studio Project.

The Visual Studio Project contained malicious code that installed malware on the targeted researcher's operating system. The malware operated as a backdoor, communicating with a remote C&C server and waiting for commands.

Weidemann explained that the attackers did not always distribute malicious files to their targets. In some cases, security researchers were asked to visit a blog hosted at blog[.]br0vvnn[.]io. According to Google, the blog hosted malicious code that "infected" the security researcher's computer after they visited the site. Specifically, Weidemann noted that a malicious service was installed on the researcher's system, along with an in-memory backdoor that began transferring data to a C&C server controlled by the hackers.


Google TAG added that many victims who visited the site were running "fully updated versions of Windows 10 and Chrome browser"; nonetheless, they were "infected".

Details of the browser-based attacks are so far minimal. However, some security researchers believe that the North Korean hackers may have used a combination of vulnerabilities in Chrome and Windows 10 to develop the malicious code.

The Google TAG team is therefore asking the cybersecurity community to share more information about these attacks if any security researchers believe they have been infected.

The Google TAG report includes a list of links to the fake social media profiles used by the North Korean hackers to reach out to security researchers.

In addition, security researchers are advised to review their browsing history to see whether they interacted with any of these profiles or visited the malicious domain. If so, they are more likely to have been infected and will need to take steps to investigate their systems.
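One way to run the browsing-history check described above, as an added example that is not part of the original article or of Google's report. It assumes a copy of Chrome's History SQLite file (copied while the browser is closed) whose `urls` table has the `url`, `visit_count` and `last_visit_time` columns; the function names are hypothetical and the sample rows are constructed.

```python
import sqlite3
import sys
from datetime import datetime, timedelta, timezone
from urllib.parse import urlsplit

# Domain named in the article, kept defanged in source and refanged in memory.
FLAGGED = ["blog[.]br0vvnn[.]io"]
CHROME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)  # Chrome timestamp base

def refang(text):
    return text.replace("[.]", ".")

def host_matches(url, domains):
    """True if the URL's host is a flagged domain or a subdomain of one."""
    try:
        host = (urlsplit(url).hostname or "").lower().rstrip(".")
    except ValueError:  # malformed URL stored in history
        return False
    return any(host == d or host.endswith("." + d) for d in domains)

def find_visits(history_db, flagged=FLAGGED):
    """Return (url, visit_count, last_visit_utc) for each flagged history row."""
    domains = [refang(d).lower() for d in flagged]
    con = sqlite3.connect(history_db)
    try:
        rows = con.execute(
            "SELECT url, visit_count, last_visit_time FROM urls").fetchall()
    finally:
        con.close()
    return [(url, count, CHROME_EPOCH + timedelta(microseconds=ts))
            for url, count, ts in rows if host_matches(url, domains)]

def build_sample_db(path):
    """Constructed sample rows (assumed columns: those queried above)."""
    sample = [("https://blog[.]br0vvnn[.]io/", 2),                  # flagged host
              ("https://example.com/?ref=blog[.]br0vvnn[.]io", 1),  # query string only
              ("https://blog[.]br0vvnn[.]io.example.net/", 1)]      # different host
    con = sqlite3.connect(path)
    con.execute("CREATE TABLE urls (url TEXT, visit_count INTEGER,"
                " last_visit_time INTEGER)")
    con.executemany("INSERT INTO urls VALUES (?, ?, 13255000000000000)",
                    [(refang(u), n) for u, n in sample])
    con.commit()
    con.close()

if __name__ == "__main__":
    for hit in find_visits(sys.argv[1]):  # path to a copy of the History file
        print(*hit)
```

Matching on the parsed hostname rather than on a substring of the URL keeps referrer parameters and look-alike hosts from producing false hits.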

According to ZDNet, the North Korean hackers are targeting security researchers in order to steal exploits for vulnerabilities that the infected researchers have discovered, vulnerabilities that malicious actors could then use in their attacks with little or no development effort.

Meanwhile, several security researchers have already revealed on social media that they received messages from the attackers' accounts, although no one has admitted that their systems were compromised.

