North Korean hackers are targeting security researchers with malware, 0-days

Google disclosed tonight that a North Korean government-backed hacking group is using social networks to target security researchers who focus on vulnerability and exploit development.
According to a report released tonight by Google's Threat Analysis Group, a North Korean government-backed hacking group uses social networks to target security researchers and infect their computers with a custom backdoor malware.
These accounts are then used to contact targeted security researchers via social media, including Twitter, LinkedIn, Telegram, Discord, Keybase, and email.
After establishing contact with a security researcher, the threat actors would ask if they would like to collaborate on vulnerability research or exploit development.
Since Google published their story, security researchers who were targeted in this campaign have started to share their experiences.
"If you are concerned that you are being targeted, we recommend that you compartmentalize your research activities using separate physical or virtual machines for general web browsing, interacting with others in the research community, accepting files from third parties and your own security research," advises Google's Threat Analysis Group.
Related news
- North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages (source)
- North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures (source)
- Safe{Wallet} Confirms North Korean TraderTraitor Hackers Stole $1.5 Billion in Bybit Heist (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- Google paid $12 million in bug bounties last year to security researchers (source)
- North Korean Lazarus hackers infect hundreds via npm packages (source)
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot (source)
- North Korean hackers adopt ClickFix attacks to target crypto firms (source)