N. Korean Hackers Targeting Security Experts to Steal Undisclosed Researches
Jan 26, 2021
Google on Monday disclosed details about an ongoing campaign carried out by a government-backed threat actor from North Korea that has targeted security researchers working on vulnerability research and development. The internet giant's Threat Analysis Group (TAG) said the adversary created a research blog and multiple profiles on various social media platforms such as Twitter, LinkedIn, Telegram, Discord, and Keybase in a bid to communicate with the researchers and build trust. The goal, it appears, is to steal exploits developed by the researchers for possibly undisclosed vulnerabilities, thereby allowing them to stage further attacks on vulnerable targets of their choice. "Their blog contains write-ups and analysis of vulnerabilities that have been publicly disclosed, including 'guest' posts from unwitting legitimate security researchers, likely in an attempt to build additional credibility with other security researchers," said TAG researcher Adam Weide...
