Google has discovered a new cyberwarfare tactic that North Korea had been using for months to trick security researchers into doing the regime’s bidding.
As reported by the Google Threat Analysis Group, hackers from North Korea had been targeting white hats—you know, the good guys who discover bugs in order to find fixes to prevent exploitation—through social media such as Twitter, LinkedIn, Discord, and Telegram.
They would use fake profiles to reach out to the researchers under the pretense of collaborating on vulnerability research and finding zero-day flaws.
- 6 FREE apps for a more private and secure messaging experience
- How to get rid of malware from your Android smartphone
The hackers would then share a link to a malicious website, which remains active but Google has since marked as dangerous. There were, however, researchers who took the bait and had their computers infected by malware.
The malicious code would be used to create a backdoor for hackers to gain remote access to the researchers’ computers and control servers.