Begin typing your search above and press return to search.
proflie-avatar
Login
exit_to_app
Champions Trophy tournament
access_time 21 Nov 2024 5:00 AM GMT
The illness in health care
access_time 20 Nov 2024 5:00 AM GMT
The fire in Manipur should be put out
access_time 21 Nov 2024 9:19 AM GMT
America should also be isolated
access_time 18 Nov 2024 11:57 AM GMT
Munambam Waqf issue decoded
access_time 16 Nov 2024 5:18 PM GMT
The betrayal of the highest order
access_time 16 Nov 2024 12:22 PM GMT
DEEP READ
Munambam Waqf issue decoded
access_time 16 Nov 2024 5:18 PM GMT
Ukraine
access_time 16 Aug 2023 5:46 AM GMT
Foreign espionage in the UK
access_time 22 Oct 2024 8:38 AM GMT
exit_to_app
Homechevron_rightTechnologychevron_rightNorth Korean hackers...

North Korean hackers using social media to target researchers: Google

text_fields
bookmark_border
North Korean hackers using social media to target researchers: Google
cancel

In a report published today, Google has revealed that its Threat Analysis Group (TAG) has identified what appears to be a group of North Korean government-backed hackers using social media to target cybersecurity researchers.

Google TAG member Adam Weidemann called it an "ongoing campaign" that targeted security researchers working on "vulnerability research and development" in a blog post published on Tuesday. The North Korean group uses social media platforms like Twitter, LinkedIn, Telegram, Discord, Keybase and E-mail to get access to these researchers who work on identifying security issues in software.

"In order to build credibility and connect with security researchers, the actors established a research blog and multiple Twitter profiles to interact with potential targets," Weidemann wrote. "They've used these Twitter profiles for posting links to their blog, posting videos of their claimed exploits and for amplifying and retweeting posts from other accounts that they control."

The hackers would build a rapport with researchers and invite them to collaborate on finding bugs and vulnerabilities in security software which they would then try to exploit, Weidemann said. They would also invite researchers onto a blog hosted by the hackers and then install a software that would allow the researcher's computer to be accessed by the hacker.

"At this time we're unable to confirm the mechanism of compromise," said Weidemann although he welcomed any information about the security flaw.

The TAG team has recommended that researchers exercise caution when accepting third-party files and to use separate physical or virtual machines for general browsing and research activities.

Show Full Article
TAGS:HackingPrivacy Breach
Next Story