Security News > 2023 > September > Google: State hackers attack security researchers with new zero-day
Google's Threat Analysis Group says North Korean state hackers are again targeting security researchers in attacks using at least one zero-day in an undisclosed popular software.
Researchers attacked in this campaign are involved in vulnerability research and development, according to Google's team of security experts that protects the company's users from state-sponsored attacks.
The attackers use Twitter and Mastodon social media to lure targeted security researchers into switching to encrypted messaging platforms like Signal, Wire, or WhatsApp.
In March 2021, Google TAG revealed the attacks picked up again, targeting security researchers using fake LinkedIn and Twitter social media accounts and a fake company named SecuriElite.
Earlier this year, in March, Mandiant also picked up on and exposed a suspected North Korean hacking group attacking security researchers and media organizations in the United States and Europe using fake job offers to infect them with new malware.
Although Google has not explicitly outlined the objectives of these attacks, their primary goal appears to be the acquisition of undisclosed security vulnerabilities and exploits by targeting specific researchers.
News URL
Related news
- Google says hackers abuse Gemini AI to empower their attacks (source)
- Google fixes Android kernel zero-day exploited in attacks (source)
- MUT-1244 targeting security researchers, red teamers, and threat actors (source)
- Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)
- Russian hackers use RDP proxies to steal data in MiTM attacks (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)
- New details reveal how hackers hijacked 35 Google Chrome extensions (source)
- Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them (source)
- Chinese hackers targeted sanctions office in Treasury attack (source)