Security News > 2023 > September > Google: State hackers attack security researchers with new zero-day
Google's Threat Analysis Group says North Korean state hackers are again targeting security researchers in attacks using at least one zero-day in an undisclosed popular software.
Researchers attacked in this campaign are involved in vulnerability research and development, according to Google's team of security experts that protects the company's users from state-sponsored attacks.
The attackers use Twitter and Mastodon social media to lure targeted security researchers into switching to encrypted messaging platforms like Signal, Wire, or WhatsApp.
In March 2021, Google TAG revealed the attacks picked up again, targeting security researchers using fake LinkedIn and Twitter social media accounts and a fake company named SecuriElite.
Earlier this year, in March, Mandiant also picked up on and exposed a suspected North Korean hacking group attacking security researchers and media organizations in the United States and Europe using fake job offers to infect them with new malware.
Although Google has not explicitly outlined the objectives of these attacks, their primary goal appears to be the acquisition of undisclosed security vulnerabilities and exploits by targeting specific researchers.
News URL
Related news
- Google fixes two Android zero-days used in targeted attacks (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar (source)
- Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine (source)
- Google claims Big Sleep 'first' AI to spot freshly committed security bug that fuzzing missed (source)
- Germany drafts law to protect researchers who find security flaws (source)
- Hackers increasingly use Winos4.0 post-exploitation kit in attacks (source)
- North Korean hackers create Flutter apps to bypass macOS security (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)