Security News > 2022 > July > Hackers pose as journalists to breach news media org’s networks
Researchers following the activities of advanced persistent threat groups originating from China, North Korea, Iran, and Turkey say that journalists and media organizations have remained a constant target for state-aligned actors.
Proofpoint analysts have been following these activities from 2021 and into 2022 and published a report about several APT groups impersonating or targeting journalists.
The China-linked threat actor known as 'Zirconium' has been confirmed to target American journalists since early 2021 with emails containing trackers that alerted when messages were accessed.
North Korean hackers of the TA404 group were also spotted targeting media personnel during the spring of 2022, using fake job postings as lures.
Finally, Turkish threat actors tracked as TA482 orchestrated credential harvesting campaigns that attempted to steal journalists' social media accounts.
APTs are expected to continue targeting journalists using phishing tricks, malware droppers, and various social engineering tactics.
News URL
Related news
- Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits (source)
- Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom (source)
- Oracle denies breach after hacker claims theft of 6 million data records (source)
- Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years (source)
- StreamElements discloses third-party data breach after hacker leaks data (source)
- Hackers lurked in Treasury OCC’s systems since June 2023 breach (source)
- Lazarus hackers breach six companies in watering hole attacks (source)
- Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach (source)