Dmitry Nogaev | Getty Images
Google has warned that a “continuous” state-sponsored hacking campaign by North Korea has exposed cyber security researchers.
The Silicon Valley group said the threat analysis team finds that cyber-attackers posing as researchers have created numerous fake social media profiles on platforms like Twitter and LinkedIn. To gain credibility, they also set up a fake blog for which they would get unconscious targets to write guest posts about real software bugs.
After communicating with an actual researcher, the attackers would ask the target to collaborate on research into the vulnerability of cybersecurity and then share collaborative tools that contain malicious code to install malware on the researcher’s systems.
In some cases, the attackers were able to create a backdoor on the victim’s computer, even if their systems were completely up to date with the Windows 10 and Chrome browser versions, Google says.
The campaign would enable the hackers to gain insight into vulnerabilities that the research community has studied to exploit.
Several researchers wrote following Google’s statement on Twitter that they had been contacted by the hackers, but that they had not been compromised.
Google attributed the latest campaign to “a government-backed entity based in North Korea” – one of the largest state sponsors for burglary next to Russia, Iran and China.
North Korea is also among the countries accused of carrying out cyber attacks to steal research and data on coronavirus vaccine. The Wall Street Journal reported last year that Pyongyang had coordinated attacks on at least six vaccine developers, including Johnson & Johnson and Novavax in the US, the UK’s AstraZeneca and several South Korean companies.
According to analysts, North Korea’s cyber army consists of thousands of knowledgeable cyber hackers whose targets range from small-scale fraud and theft of cryptocurrencies to the theft of nuclear secrets and weapons technology.
According to the country’s perception as a technological backdrop, its hackers have a record of major cyber disruptions, including the 2014 hacking of Sony Pictures and the WannaCry attack on malware in 2017. In 2019, a UN sanctions report estimated that $ 2 billion raised for Kim Jong. Un’s weapons program via North Korean cyber actors.
The latest campaign comes because cyber security companies have found themselves a specific target for hacking campaigns.
In December, cybersecurity group FireEye as well as Microsoft reported that they were the victims of an extensive cyber espionage campaign led by Russian state hackers, which also targeted a number of US federal agencies and private sector groups.
Additional reporting by Edward White in Seoul.
© 2021 The Financial Times Ltd. All rights reserved Do not redistribute, copy or alter in any way whatsoever.