Hackers target security researchers

Google is currently warning of targeted cyberattacks by a group targeting security vulnerabilities in IT products. Particularly perfidious: The cybercriminals are posing as security forensics experts in order to obtain more confidential information about exploits.

Cyber Attacks
Pixabay

A hacker group believed to be from North Korea appears to be currently targeting cybersecurity experts. Google security researcher Adam Weidemann from the Threat Analysis Group warns of this in his blogpost. He believes that attackers are targeting multiple companies and security professionals to capture more information about vulnerabilities in IT products.

Hackers disguise themselves as security researchers

The procedure is interesting and perfidious: The hackers pose as security researchers. To do this, they built up their own community and used a research blog as a front to increasingly exchange information with authentic security researchers via direct messages by also recycling the work of other security researchers. It was therefore a targeted attack via social engineering to first gain the credibility of other security researchers.

In some cases, the contact was made via Twitter, with the supposed security researchers offering cooperation and drawing attention to recently discovered exploits. The perpetrators then sent a manipulated Visual Studio project, which is usually used to develop and test software code. The code review software was then typically used to inject malware onto the victims' computers, which in turn could connect to a command-and-control server owned by the hackers.

Another method was to spread malicious code via one's own blog using malicious links. As Google warns, Windows 10 systems with Chrome browser were up to date at that time and thus not immune to attacks.

More details about fake accounts in the Google Threat Report

Source: blog.google/threat-analysis-group

(Visited 81 times, 1 visits today)
h2> More articles on the topic

SECURITY NEWS

Bleiben Sie informiert über aktuelle Sicherheitsthemen – praxisnah und zuverlässig. Erhalten Sie exklusive Inhalte direkt in Ihren Posteingang. Verpassen Sie keine Updates.

Jetzt anmelden!
anmelden
You can unsubscribe at any time!
close-link