Security News > 2021 > March > North Korean .Gov Hackers Back With Fake Pen-Test Company

A North Korean government-backed APT group has been caught using a fake pen-testing company and a range of sock puppet social media accounts in an escalation of a hacking campaign targeting security research professionals.
The notorious hacking group, first exposed by Google earlier this year, returned on March 17th with a website for a fake penetration testing company.
"The new website claims the company is an offensive security company located in Turkey that offers pentests, software security assessments and exploits," according to Adam Weidemann, a researcher in Google's TAG. Like previous websites used by this actor, Google said the new website even has a link to a PGP public key at the bottom of the page that was connected to the earlier January attacks.
In addition to the fake "SecuriElite" security assessment company, the campaign also included a batch of carefully crafted social media profiles used to lend credibility to the fake outfit.
The attacker's latest batch of social media profiles continue the trend of posing as fellow security researchers interested in exploitation and offensive security.
Google released data on multiple fake Twitter handles, sock puppet LinkedIn profiles, and attacker-controlled websites belonging to the North Korean APT group.
News URL
Related news
- North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack (source)
- North Korean hackers spotted using ClickFix tactic to deliver malware (source)
- North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware (source)
- North Korean hackers linked to $1.5 billion ByBit crypto heist (source)
- OpenAI bans ChatGPT accounts used by North Korean hackers (source)
- North Korean Hackers Steal $1.5B in Cryptocurrency (source)
- Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers (source)
- Safe{Wallet} Confirms North Korean TraderTraitor Hackers Stole $1.5 Billion in Bybit Heist (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- North Korean Lazarus hackers infect hundreds via npm packages (source)