Security News > 2021 > April > Hackers Set Up a Fake Cybersecurity Firm to Target Security Experts

A North Korean government-backed campaign targeting cybersecurity researchers with malware has re-emerged with new tactics in their arsenal as part of a fresh social engineering attack.

In an update shared on Wednesday, Google's Threat Analysis Group said the attackers behind the operation set up a fake security company called SecuriElite and a slew of social media accounts across Twitter and LinkedIn in an attempt to trick unsuspecting researchers into visiting the company's booby-trapped website "Where a browser exploit was waiting to be triggered."

"The new website claims the company is an offensive security company located in Turkey that offers pentests, software security assessments and exploits," TAG's Adam Weidemann said.

A total of eight Twitter profiles and seven LinkedIn profiles, who claimed to be vulnerability researchers and human resources personnel at different security firms, were created for this purpose, with a few others posing as the chief executive officer and employees at the fictitious company.

Following the disclosure, researchers from South Korean cybersecurity firm ENKI revealed a zero-day in Internet Explorer that it said allowed the hackers to access the devices managed by its security team with malicious MHTML files.

The real motive behind the attacks remains unclear as yet, although it's being suspected that the threat actor may be attempting to stealthily gain a foothold on systems in order to get hold of zero-day research, and in the process, use those unpatched vulnerabilities to stage further attacks on vulnerable targets of their choice.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/UAlf3w8WGrg/hackers-set-up-fake-cybersecurity-firm.html