N. Korean Hackers Targeting Security Experts to Steal Undisclosed Researches

Google on Monday disclosed details about an ongoing campaign carried out by a government-backed threat actor from North Korea that has targeted security researchers working on vulnerability research and development.
The goal, it appears, is to steal exploits developed by the researchers for possibly undisclosed vulnerabilities, thereby allowing the attackers to stage further attacks on vulnerable targets of their choice.
"Their blog contains write-ups and analysis of vulnerabilities that have been publicly disclosed, including 'guest' posts from unwitting legitimate security researchers, likely in an attempt to build additional credibility with other security researchers," said TAG researcher Adam Weidemann.
The North Korean hackers are also said to have used a "novel social engineering method" to hit security researchers: asking them if they would like to collaborate on vulnerability research together and then providing the targeted individual with a Visual Studio Project.
"If you are concerned that you are being targeted, we recommend that you compartmentalize your research activities using separate physical or virtual machines for general web browsing, interacting with others in the research community, accepting files from third parties and your own security research," Weidemann said.
The Windows maker said the campaign took root in mid-2020 when the adversary "started building a reputation in the security research community on Twitter by retweeting high quality security content and posting about exploit research from an actor-controlled blog."