I was targeted by North Korean 0-day hackers using a Visual Studio project, vuln hunter tells El Reg

A zero-day hunter has told The Register of the "Holy f**k" moment when he realised he'd been targeted by a North Korean campaign aimed at stealing Western researchers' vulns.
Enraged by the deception, Caceres also offered a hefty bounty for information leading to the arrest of "James Willy", who appears to be one of the North Korean actors engaged on the Pyongyang-driven campaign.
A vulnerability broker he had known for a while and trusted had introduced him to a new researcher called James Willy "From New York," Caceres told El Reg, explaining: "We hopped in a group chat, the three of us, and he sent me a Visual Studio project to take a look at a driver bug that caused a blue screen of death."
When he opened the Visual Studio project from "James", Caceres admitted he had been a little careless but shrugged off the risk.
Opening some Visual Studio projects can cause code to execute, which was the North Koreans' attack vector.
Last year the US-CERT warned that North Korean hackers were targeting wealthy Western companies for protection money, and it might be the case that the zero-day theft operation which targeted Caceres and others is linked to that tactic.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/01/26/north_korea_targeted_me_0_day/