Google believes the hackers are backed by the North Korean government.
In January 2020, Google revealed that cyber criminals have been targeting IT security researchers around the world. Now, according to the latest update from Google’s Threat Analysis Group (TAG), a North Korean government-backed hacking group is targeting security researchers with fake social media (Twitter and LinkedIn) accounts.
Moreover, they have created a fake cyber security company called SecuriElite, which is based in Turkey and using its website to lure security experts.
SEE: Fake Cyberpunk 2077 Android App Delivering Ransomware
Reportedly, this company offers offensive security services, including “pentests, software security assessments, and exploits,” wrote Adam Weidemann from TAG. The website went live on March 17, while TAG’s team flagged the campaign as early as Jan 2021.
How Hackers Targeted Researchers?
In its blog post published on Wednesday, Google researchers wrote that the attackers tricked unsuspecting users via fake accounts and websites. When they visited the link, a browser exploit gets triggered immediately.
In total, eight Twitter accounts and seven LinkedIn profiles were identified by Google. A research blog and various fake profiles were created on different social media platforms including Twitter, Telegram, LinkedIn, Keybase, and Discord, to communicate with researchers and gain trust. Then they deployed a Windows backdoor through a trojanized Visual Studio Project.
All Fake Accounts Disabled
Google claims that it reported about the new campaign and the ..
Support the originator by clicking the read the rest link below.
