Security News > 2022 > July > Hackers pose as journalists to breach news media org’s networks
Researchers following the activities of advanced persistent threat groups originating from China, North Korea, Iran, and Turkey say that journalists and media organizations have remained a constant target for state-aligned actors.
Proofpoint analysts have been following these activities from 2021 and into 2022 and published a report about several APT groups impersonating or targeting journalists.
The China-linked threat actor known as 'Zirconium' has been confirmed to target American journalists since early 2021 with emails containing trackers that alerted when messages were accessed.
North Korean hackers of the TA404 group were also spotted targeting media personnel during the spring of 2022, using fake job postings as lures.
Finally, Turkish threat actors tracked as TA482 orchestrated credential harvesting campaigns that attempted to steal journalists' social media accounts.
APTs are expected to continue targeting journalists using phishing tricks, malware droppers, and various social engineering tactics.
News URL
Related news
- HPE investigates breach as hacker claims to steal source code (source)
- CISA: Hackers still exploiting older Ivanti bugs to breach networks (source)
- Hackers exploiting flaws in SimpleHelp RMM to breach networks (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- Orange Group confirms breach after hacker leaks company documents (source)