Security News > 2023 > September > Google: State hackers attack security researchers with new zero-day
Google's Threat Analysis Group says North Korean state hackers are again targeting security researchers in attacks using at least one zero-day in an undisclosed popular software.
Researchers attacked in this campaign are involved in vulnerability research and development, according to Google's team of security experts that protects the company's users from state-sponsored attacks.
The attackers use Twitter and Mastodon social media to lure targeted security researchers into switching to encrypted messaging platforms like Signal, Wire, or WhatsApp.
In March 2021, Google TAG revealed the attacks picked up again, targeting security researchers using fake LinkedIn and Twitter social media accounts and a fake company named SecuriElite.
Earlier this year, in March, Mandiant also picked up on and exposed a suspected North Korean hacking group attacking security researchers and media organizations in the United States and Europe using fake job offers to infect them with new malware.
Although Google has not explicitly outlined the objectives of these attacks, their primary goal appears to be the acquisition of undisclosed security vulnerabilities and exploits by targeting specific researchers.
News URL
Related news
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Google fixes two Android zero-days used in targeted attacks (source)
- Rackspace monitoring data stolen in ScienceLogic zero-day attack (source)
- Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw (source)
- North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks (source)
- Qualcomm patches high-severity zero-day exploited in attacks (source)
- Ivanti warns of three more CSA zero-days exploited in attacks (source)