Express Computer
Home  »  News  »  North Korean hackers set up fake firm to target researchers

North Korean hackers set up fake firm to target researchers

0 289

A North Korean government-backed hacking group has set up a new website for a fake company called “SecuriElite” to target security researchers, Google’s Threat Analysis Group has warned.

The new website claims the company is an offensive security firm located in Turkey that offers pentests, software security assessments and exploits.

This new campaign comes after Google’s Threat Analysis Group in January documented a hacking campaign by the same North Korean entity targeting security researchers working on vulnerability research and development at different companies and organisations.

In order to build credibility and connect with security researchers, the actors established a research blog and multiple Twitter profiles to interact with the potential targets.

They have used these Twitter profiles for posting links to their blog, posting videos of their claimed exploits and for amplifying and retweeting posts from other accounts that they control.

Talking about the new campaign, Google said that the new website, like previous websites set up by this actor, has a link to their PGP (which can be used to send messages confidentially) public key at the bottom of the page.

In January, the targeted researchers reported that the PGP key hosted on the attacker’s blog acted as the lure to visit the site where a browser exploit was waiting to be triggered.

“The attacker’s latest batch of social media profiles continue the trend of posing as fellow security researchers interested in exploitation and offensive security,” Adam Weidemann of Google’s Threat Analysis Group said in a blog post on Wednesday.

“On LinkedIn, we identified two accounts impersonating recruiters for antivirus and security companies. We have reported all identified social media profiles to the platforms to allow them to take appropriate action,” Weidemann said.

Google said that it has not yet observed the new attacker website serve malicious content, but it has added it to “Google Safebrowsing” as a precaution.

–IANS

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image