Google warns researchers targeted by North Korean hackers via social media | Tech News
Home Tech Tech News Google warns researchers targeted by North Korean hackers via social media

Google warns researchers targeted by North Korean hackers via social media

The team said the attackers seemed to target only Windows systems, while users who were running updated Windows 10 and Chrome browsers were still infected, suggesting the attacks were previously undetected - also known as zero day vulnerabilities.

By: HT TECH
| Updated on: Aug 21 2022, 14:32 IST
The team at Google believes that the attacks were carried out by a government-backed entity based in North Korea.
The team at Google believes that the attacks were carried out by a government-backed entity based in North Korea. (Bloomberg)

Google's Threat Analysis Group (TAG) has warned that it has discovered a relatively new campaign over the last several months that targeted security researchers and other members of the infosec community across several companies.

The team at Google believes that the attacks were carried out by a government-backed entity based in North Korea, Google TAG's Adam Weidemann said in a blog post on Monday.

As the infosec community is usually wary of suspicious looking accounts or sources of information, the attackers had created a ‘research blog' and set up multiple Twitter accounts which they then used to get in touch with their targets - the researchers. Those accounts disseminated posts made to the research blog, which were then retweeted by other accounts to give them a sense of credibility and amplify them, the threat analysis team said.

As the infosec community is usually wary of suspicious looking accounts or sources of information, the attackers had created a ‘research blog’ and set up multiple Twitter accounts which they then used to get in touch with their targets - the researchers.
As the infosec community is usually wary of suspicious looking accounts or sources of information, the attackers had created a ‘research blog’ and set up multiple Twitter accounts which they then used to get in touch with their targets - the researchers. (Google TAG)
image caption
As the infosec community is usually wary of suspicious looking accounts or sources of information, the attackers had created a ‘research blog’ and set up multiple Twitter accounts which they then used to get in touch with their targets - the researchers. (Google TAG)

What's interesting is that while the attackers' blog had analyses of publicly disclosed vulnerabilities, they also managed to convince legitimate security researchers to contribute as ‘guests' to their site, perhaps luring them with the promise of a good platform to be featured on and a chance to network with other researchers. The researchers were contacted on Twitter, LinkedIn, Telegram, Discord and Keybase.

Also read: Chrome for Android gets another zero-day vulnerability fix

Those who agreed to collaborate were sent a Visual Studio Project, which would infect the targeted researcher's computer and install a backdoor access for another malware controlled server, then wait for commands from the main server. Google says the attackers seemed to target only Windows systems. Also, users who were running updated Windows 10 and Chrome browsers were still infected, suggesting the attacks were previously undetected - also known as zero day vulnerabilities.

While the attackers’ blog had analyses of publicly disclosed vulnerabilities, they also managed to convince legitimate security researchers to contribute as ‘guests’ to their site
While the attackers’ blog had analyses of publicly disclosed vulnerabilities, they also managed to convince legitimate security researchers to contribute as ‘guests’ to their site (Google TAG)
image caption
While the attackers’ blog had analyses of publicly disclosed vulnerabilities, they also managed to convince legitimate security researchers to contribute as ‘guests’ to their site (Google TAG)

“We hope this post will remind those in the security research community that they are targets to government-backed attackers and should remain vigilant when engaging with individuals they have not previously interacted with,” Weidemann. “If you are concerned that you are being targeted, we recommend that you compartmentalize your research activities using separate physical or virtual machines for general web browsing, interacting with others in the research community, accepting files from third parties and your own security research,” he added.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 26 Jan, 21:34 IST
Tags:
Trending: oneplus 12r: oneplus’ most powerful ‘r’ model with aqua touch how to change whatsapp font style and font size in chat window use of whatsapp plus, gb whatsapp got your whatsapp account banned? here is how to fix it chatgpt maker openai is developing a ‘media manager’ tool for content creators- details this horrifying whatsapp scam can hijack your account with just a phone call beware! your whatsapp account can be hacked easily; here’s how this cybcercrime works whatsapp may bring account restriction feature- know what it’s about and how it will work did facebook really change its logo? see if you can spot the difference dark side of social media: how tiktok star ava majury was almost killed earning money online big relief! your google storage plan increased to a fantastic 1tb for free
NEXT ARTICLE BEGINS

Tips & Tricks

iPhone travel hacks
iPhone tips: 6 useful features in iOS 17 to try during your next foreign vacation
Samsung_Galaxy_M55_5G_10_things_to_know_about_this
Samsung Galaxy M55 5G: 10 things to know about this mid-range smartphone
ash-lab-wuK7M2xH3WU-unsplash
iPhone 15 hidden features: How to take a passport photo on iPhone- 5 steps
Slide_1
5 films to watch on YouTube that are shot entirely on iPhone 15 Pro Max
GTA5_EIGHT
GTA Online: From competing in races to having a party, 7 things to do if you are bored

Editor’s Pick

OnePlus Nord CE 4 Review
OnePlus Nord CE 4 Review: No nonsense smartphone under 25,000
Lok Sabha election 2024: How to find the location of your polling booth online with mobile number
Lok Sabha election 2024: How to find the location of your polling booth online with mobile number
Atomberg fan: What is BLDC tech? Top 5 Atomberg ceiling fans with best price
Best Atomberg ceiling fans (2024) for your modern home: BLDC tech, high speed, saves power bills
iPhone 16 vs iPhone 15
iPhone 16 vs iPhone 15: Know expected upgrades, specifications and what features to expect from Apple
LG Artcool AC launched
LG Artcool AC launched: Here are the latest LG air conditioner models in 2024 and all top features explained

Trending Stories

iPhone 16 vs iPhone 15
iPhone 16 vs iPhone 15: Know expected upgrades, specifications and what features to expect from Apple
iPhones
iPhone discounts: Best deals on iPhone 13, 14, and 15 [April 2024]
Samsung Galaxy Unpacked event date tipped
Samsung Galaxy Unpacked event date tipped: From Galaxy Z Fold 6 to Galaxy Ring, know what’s coming
Apple's May event
iPad Air 2024 may skip mini-LED display- Here's what to expect from Apple Event on May 7
GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean
GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean
keep up with tech

Gaming

GTA 6 leak: Manni L. Perez and Dylan Rourke emerge as potential Grand Theft Auto 6 protagonists
GTA 6 leak: Manni L. Perez and Dylan Rourke emerge as potential Grand Theft Auto 6 protagonists
GTA 6 launch could take place place in early 2025 - All details
GTA 6 launch could take place place in early 2025, suggests leak - All the details
Garena Free Fire MAX Redeem Codes for May 8: Mystery Shop event offers big discounts on bundles
Garena Free Fire MAX Redeem Codes for May 8: Mystery Shop event offers big discounts on bundles
Garena Free Fire Redeem Codes for May 8
Garena Free Fire Redeem Codes for May 8: Summer Heat Event announced, check rewards
Garena Free Fire MAX Redeem Codes for May 7: Grab free in game loot- weapons, skins and more today
Garena Free Fire MAX Redeem Codes for May 7: Grab free in game loot- weapons, skins and more today

Best Deals For You

PlayStation 5
5 best gaming consoles to buy right now: PlayStation 5, Xbox Series X and more
best smartwatch brands
Top 10 smartwatch brands: Leading the market with innovation
Qualcomm Snapdragon X Plus chip for laptops unveiled, promising enhanced performance and AI capabilities
Qualcomm Snapdragon X Plus chip for laptops unveiled, promising enhanced performance and AI capabilities
Smartwatch
10 Best smartwatches under Rs.700 for kids: Check cool and trendy picks
oneplus phones under <span class='webrupee'>₹</span>35000
Explore 10 OnePlus phones under Rs. 35,000: Premium experience, accessible prices

    Trending News

    iPhone 16 vs iPhone 15: Know expected upgrades, specifications and what features to expect from Apple
    iPhone 16 vs iPhone 15
    iPhone discounts: Best deals on iPhone 13, 14, and 15 [April 2024]
    iPhones
    Samsung Galaxy Unpacked event date tipped: From Galaxy Z Fold 6 to Galaxy Ring, know what’s coming
    Samsung Galaxy Unpacked event date tipped
    iPad Air 2024 may skip mini-LED display- Here's what to expect from Apple Event on May 7
    Apple's May event
    GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean
    GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean

    Trending Gadgets

    Mobiles Laptops Tablets