Security News > 2021 > January > Google releases alarming report about North Korean hackers posing as security analysts
Google said the attackers were targeting security researchers by using fake LinkedIn and Twitter profiles and asking to collaborate.
Google unveiled a new report from its Threat Analysis Group on Monday highlighting the work of a group of cyberattackers associated with the government of North Korea that sought to impersonate cybersecurity researchers in an effort to target those "Working on vulnerability research and development at different companies and organizations." Adam Weidemann, a member of the Threat Analysis Group, wrote that the attackers used a variety of fake blogs, Twitter accounts and LinkedIn profiles to make themselves look legitimate and communicate with researchers and analysts they were hoping to go after.
"The actors have been observed targeting specific security researchers by a novel social engineering method. After establishing initial communications, the actors would ask the targeted researcher if they wanted to collaborate on vulnerability research together, and then provide the researcher with a Visual Studio Project," Weidemann wrote.
"As someone they've targeted, I'm glad Google is coming out with this alert. There are so many people throughout the world seeking private intel, and if you don't know who you're talking to, work on the assumption that the name and picture you're being offered is likely not valid. The accounts of these four attackers are suspended, but really that means nothing. They'll just make up another name and be back."
SafeGuard Cyber CEO Jim Zuffoletti said attacks like this are on the rise because attackers are moving into channels of communication that "Are invisible to security teams," adding that the distributed nature of work since the onset of the COVID-19 pandemic made it imperative that security teams put better controls in place for social and chat apps.
"You know you've made it when cybercriminals are trying to gain access to your social media accounts or research," joked James McQuiggan, security awareness advocate at KnowBe4.
News URL
Related news
- North Korean hackers create Flutter apps to bypass macOS security (source)
- Hackers Abuse EDRSilencer Tool to Bypass Security and Hide Malicious Activity (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- North Korean hackers pave the way for Play ransomware (source)
- Google claims Big Sleep 'first' AI to spot freshly committed security bug that fuzzing missed (source)
- Report: Voice of Practitioners 2024 – The True State of Secrets Security (source)
- North Korean hackers employ new tactics to compromise crypto-related businesses (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)