Security News > 2021 > January > Google releases alarming report about North Korean hackers posing as security analysts
Google said the attackers were targeting security researchers by using fake LinkedIn and Twitter profiles and asking to collaborate.
Google unveiled a new report from its Threat Analysis Group on Monday highlighting the work of a group of cyberattackers associated with the government of North Korea that sought to impersonate cybersecurity researchers in an effort to target those "Working on vulnerability research and development at different companies and organizations." Adam Weidemann, a member of the Threat Analysis Group, wrote that the attackers used a variety of fake blogs, Twitter accounts and LinkedIn profiles to make themselves look legitimate and communicate with researchers and analysts they were hoping to go after.
"The actors have been observed targeting specific security researchers by a novel social engineering method. After establishing initial communications, the actors would ask the targeted researcher if they wanted to collaborate on vulnerability research together, and then provide the researcher with a Visual Studio Project," Weidemann wrote.
"As someone they've targeted, I'm glad Google is coming out with this alert. There are so many people throughout the world seeking private intel, and if you don't know who you're talking to, work on the assumption that the name and picture you're being offered is likely not valid. The accounts of these four attackers are suspended, but really that means nothing. They'll just make up another name and be back."
SafeGuard Cyber CEO Jim Zuffoletti said attacks like this are on the rise because attackers are moving into channels of communication that "Are invisible to security teams," adding that the distributed nature of work since the onset of the COVID-19 pandemic made it imperative that security teams put better controls in place for social and chat apps.
"You know you've made it when cybercriminals are trying to gain access to your social media accounts or research," joked James McQuiggan, security awareness advocate at KnowBe4.
News URL
Related news
- North Korean Hackers Disguised as IT Workers Targeting UK, European Companies, Google Finds (source)
- Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products (source)
- North Korean hackers adopt ClickFix attacks to target crypto firms (source)
- North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages (source)
- Google’s Sec-Gemini v1 Takes on Hackers & Outperforms Rivals by 11% (source)
- Google's got a hot cloud infosec startup, a new unified platform — and its eye on Microsoft's $20B+ security biz (source)
- North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures (source)
- Majority of Browser Extensions Pose Critical Security Risk, A New Report Reveals (source)
- Google Chrome to block admin-level browser launches for better security (source)