Metacurity

Share this post

North Korean Hackers Posed as Would-Be Collaborators to Target Security Researchers

metacurity.substack.com

North Korean Hackers Posed as Would-Be Collaborators to Target Security Researchers

Other Top Infosec News for 1/26/21: Former LulzSec hacker published zero-day exploit for SonicWall, Australia's corporate watchdog latest to suffer breach through Accellion, Grindr fined $11.7M, more

Cynthia Brumfield
Jan 26, 2021
∙ Paid
1
Share

If you like Metacurity, recommend that your organization buy a bulk subscription today. Our special offer can deliver our daily incisive news summaries and analysis organization-wide for 50% off per reader. Thank you.

Get 50% off for 1 year

Google’s Threat Analysis Group said that North Korean hackers used multiple profiles on various social networks, such as Twitter, Linked In, Telegram, Discord, and Keybase, and email to reach out to security researchers using fake personas. The threat actors asked to collaborate on vulnerability research but instead delivered a backdoor via Video Studio Project, which contacted a remote command and control server and waiting for commands.

Sometimes the attackers asked the researchers to visit a blog that hosted malicious code that infected their machines, even in cases where the victims were running"fully patched and up-to-date Windows 10 and Chrome browser versions." (Catalin Cimpanu / ZDNet) 

Related: SecurityWeek, Techmeme, Bleeping Computer, Google, BusinessLine - H…

Keep reading with a 7-day free trial

Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
Previous
Next
© 2023 DCT Associates
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing