More +
Thursday, April 25, 2024
News
SEARCH NEWS

N Korean hackers targeting cybersecurity community: Google

    SocialTwist Tell-a-Friend    Print this Page   COMMENT
New Delhi | Tuesday, 2021 6:15:06 PM IST
Google has identified a North Korean government hacking group that is targeting members of the cyber-security community engaging in vulnerability research.

The hacking group has used multiple platforms to communicate with potential targets, including Twitter, LinkedIn, Telegram, Discord, Keybase and email.

In order to build credibility and connect with security researchers, the bad actors established a research blog and multiple Twitter profiles to interact with potential targets.

"They've used these Twitter profiles for posting links to their blog, posting videos of their claimed exploits and for amplifying and retweeting posts from other accounts that they control," revealed the Google Threat Analysis Group team.

"The actors behind this campaign, which we attribute to a government-backed entity based in North Korea, have employed a number of means to target researchers".

Their blog contains write-ups and analysis of vulnerabilities that have been publicly disclosed, including "guest" posts from unwitting legitimate security researchers, likely in an attempt to build additional credibility with other security researchers.

On Januart 14, the actors shared via Twitter a YouTube video they uploaded that proclaimed to exploit CVE-2021-1647, a recently patched Windows Defender vulnerability.

"Multiple comments on YouTube identified that the video was faked and that there was not a working exploit demonstrated," Google said in a blog post on Monday.

After these comments were made, the actors used a second Twitter account (that they control) to retweet the original post and claim that it was "not a fake video."

The actors have been observed targeting specific security researchers by a novel social engineering method.

After establishing initial communications, the actors would ask the targeted researcher if they wanted to collaborate on vulnerability research together, and then provide the researcher with a "Visual Studio Project".

"If you are concerned that you are being targeted, we recommend that you compartmentalise your research activities using separate physical or virtual machines for general web browsing, interacting with others in the research community, accepting files from third parties and your own security research," the Google team elaborated.

--IANS na/

( 347 Words)

2021-01-26-12:14:02 (IANS)

 
  LATEST COMMENTS (0)
POST YOUR COMMENT
Comments Not Available
 
POST YOUR COMMENT
 
 
TRENDING TOPICS
Lok Sabha, Ayodhya, Israel, Hamas, election, wrestler, Manipur, Pakistan, polls, sensex, CAA, Congress, BJP, COVID, Filmfare Awards, Afghanistan, BAFTA, Grammy, Oscar, Budget
 
 
CITY NEWS
MORE CITIES
 
 
 
MORE SCIENCE NEWS
Study reveals positive effect of midazol...
Study finds how liver inflammation assoc...
Study reveals novel therapeutic target f...
Study finds common complication of atria...
Researchers discover how complexities in...
Study finds how adding chemotherapy to h...
More...
 
INDIA WORLD ASIA
'She cried for terrorists': Nadda hits o...
Kolkata: Alipore Zoo makes special arran...
Congress hates India's constitution, its...
Madhya Pradesh: PM Modi recalls old days...
Delhi: Ice cream vendor stabbed to death...
BJP files complaint to ECI against Congr...
More...    
 
 Top Stories
People in hill areas want to suppor... 
J-K Police, paramilitary forces hol... 
"I am Azad, will continue to do so:... 
LS polls: 857 polling stations, 87 ... 
13th Dubai Award for Sustainable Tr... 
"I need to pause and think": Spanis... 
NSA Ajit Doval meets Russian counte... 
Karnataka: Basavaraj Bommai attacks... 
 
 
Information
About Us
Advertise with us
Enquiry
Sitemap
Terms & Conditions
Privacy Policy
Disclaimer
Explore Webindia123
News and Press Releases
Education And Career
Video Shows
Movie And Celebrity Events
Deals And Discounts
Yellow Pages/ Business Contacts
Photo Gallery
Classified/ Personal Ads
Automobiles
Realestate/ Properties for sale