North Korean hackers are targeting security researchers with malware, 0-days (January 2021)
A North Korean government-backed hacking group is using social networks to target security researchers who focus on vulnerability and exploit development, Google disclosed tonight.
According to a report released tonight by Google's Threat Analysis Group, a North Korean government-backed hacking group uses social networks to target security researchers and infect their computers with a custom backdoor malware.
These accounts are then used to contact targeted security researchers via social media, including Twitter, LinkedIn, Telegram, Discord, Keybase, and email.
After establishing contact with a security researcher, the threat actors would ask if they would like to collaborate on vulnerability research or exploit development.
Since Google published their story, security researchers who were targeted in this campaign have started to share their experiences.
"If you are concerned that you are being targeted, we recommend that you compartmentalize your research activities using separate physical or virtual machines for general web browsing, interacting with others in the research community, accepting files from third parties and your own security research," advises Google's Threat Analysis Group.