Security News > 2021 > January > North Korean hackers are targeting security researchers with malware, 0-days
A North Korean government-backed hacking group targets security researchers who focus on vulnerability and exploit development via social networks, disclosed Google tonight.
According to a report released tonight by Google's Threat Analysis Group, a North Korean government-backed hacking group uses social networks to target security researchers and infect their computers with a custom backdoor malware.
These accounts are then used to contact targeted security researchers via social media, including Twitter, LinkedIn, Telegram, Discord, Keybase, and email.
After establishing contact with a security researcher, the threat actors would ask if they would like to collaborate on vulnerability research or exploit development.
Since Google published their story, security researchers who were targeted in this campaign have started to share their experiences.
"If you are concerned that you are being targeted, we recommend that you compartmentalize your research activities using separate physical or virtual machines for general web browsing, interacting with others in the research community, accepting files from third parties and your own security research," advises Google's Threat Analysis Group.
News URL
Related news
- Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws (source)
- North Korean Hackers Deploy New Golang Malware 'Durian' Against Crypto Firms (source)
- North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign (source)
- Hackers Hit Indian Defense, Energy Sectors with Malware Posing as Air Force Invite (source)
- Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware (source)
- Vultur banking malware for Android poses as McAfee Security app (source)
- China-linked Hackers Deploy New 'UNAPIMON' Malware for Stealthy Operations (source)
- Winnti's new UNAPIMON tool hides malware from security software (source)
- Vietnam-Based Hackers Steal Financial Data Across Asia with Malware (source)
- TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks (source)