Korean hackers targeting cybersecurity community: Google
Hackers established a research blog, multiple Twitter profiles to interact with potential targets
Ultimately, if the prediction is incorrect, it will throw those instructions out of the pipeline, but this might be too late because those instructions could leave side-effects while waiting in the pipeline that an attacker could later exploit to infer secrets such as a password
New Delhi: Google has identified a North Korean government hacking group that is targeting members of the cyber-security community engaging in vulnerability research.The hacking group has used multiple platforms to communicate with potential targets, including Twitter, LinkedIn, Telegram, Discord, Keybase and email.
In order to build credibility and connect with security researchers, the bad actors established a research blog and multiple Twitter profiles to interact with potential targets.
"They've used these Twitter profiles for posting links to their blog, posting videos of their claimed exploits and for amplifying and retweeting posts from other accounts that they control," revealed the Google Threat Analysis Group team. "The actors behind this campaign, which we attribute to a government-backed entity based in North Korea, have employed a number of means to target researchers".
