Microsoft: DPRK hackers 'likely' hit researchers with Chrome exploit

Today, Microsoft disclosed that it has also been monitoring the targeted attacks against vulnerability researchers for months and has attributed the attacks to a DPRK group named 'Zinc'.

Microsoft tracks hacking group as ZINC

In a new report, Microsoft states that it too has been tracking this threat actor, under the name 'ZINC', for the past couple of months as the hackers target pen testers, security researchers, and employees at tech and security companies.
"In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. The campaign originally came to our attention after Microsoft Defender for Endpoint detected an attack in progress. Observed targeting includes pen testers, private offensive security researchers, and employees at security and tech companies."
As part of their attack, the ZINC actors would contact researchers to collaborate on vulnerability and exploit research.
As previously reported by Google, for those researchers who agreed, ZINC would send a Visual Studio project containing a malicious DLL that would be executed when researchers compiled the project.
"A blog post titled DOS2RCE: A New Technique To Exploit V8 NULL Pointer Dereference Bug, was shared by the actor on October 14, 2020 from Twitter. From October 19-21, 2020, some researchers, who hadn't been contacted or sent any files by ZINC profiles, clicked the links while using the Chrome browser, resulting in known ZINC malware on their machines soon after."