Security News > 2022 > July > Hackers pose as journalists to breach news media org’s networks
Researchers following the activities of advanced persistent threat groups originating from China, North Korea, Iran, and Turkey say that journalists and media organizations have remained a constant target for state-aligned actors.
Proofpoint analysts have been following these activities from 2021 and into 2022 and published a report about several APT groups impersonating or targeting journalists.
The China-linked threat actor known as 'Zirconium' has been confirmed to target American journalists since early 2021 with emails containing trackers that alerted when messages were accessed.
North Korean hackers of the TA404 group were also spotted targeting media personnel during the spring of 2022, using fake job postings as lures.
Finally, Turkish threat actors tracked as TA482 orchestrated credential harvesting campaigns that attempted to steal journalists' social media accounts.
APTs are expected to continue targeting journalists using phishing tricks, malware droppers, and various social engineering tactics.
News URL
Related news
- Hacker claims Giant Tiger data breach, leaks 2.8M records online (source)
- ArcaneDoor hackers exploit Cisco zero-days to breach govt networks (source)
- Helsinki suffers data breach after hackers exploit unpatched flaw (source)
- Russian hackers use new Lunar malware to breach a European govt's agencies (source)
- Hackers target Check Point VPNs to breach enterprise networks (source)