Hackers have turned their attention to the researchers hunting them down
Cybercriminals are on the offensive and they’re targeting security experts
A state-sponsored cybercrime group from North Korea has kicked off a new campaign targeting cybersecurity researchers, says Google.
According to a new report from the company’s Threat Analysis Group (TAG), the attackers have created a fake offensive security company called “SecuriElite”, offering penetration testing, software security assessments and exploits.
The group also set up a whole slew of fake social media accounts across various channels, including Twitter and LinkedIn, as well as a fake website, all with the goal of establishing credibility in the cybersecurity industry.
All of these techniques are designed as a lure, to get cybersecurity researchers interested in the fake company’s “work”.
The website has yet to serve malicious content to anyone, Google said, but it has been added to Google Safe Browsing anyway.
Distributing zero-days
According to a ZDNet report, the modus operandi is pretty clear: after setting up their online presence and establishing themselves as “experts”, the attackers reach out to their targets and offer to collaborate on cybersecurity research.
If the victim accepts, the group either sends them a malicious Visual Studio project carrying a backdoor or redirects them to a blog filled with malicious code and different browser exploits.
These are known state-sponsored actors, Google claims. The same group is said to have used a similar zero-day back in January.
All of the malicious social media accounts identified have been reported to their respective platforms, and should be taken down sooner rather than later.
Via ZDNet
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.