Hackers pretending to be security researchers infect multiple systems with a malicious backdoor by befriending analysts.
A very ingenious social engineering campaign allowed North Korean hackers to infect multiple companies with a malicious backdoor. Their strategy was to build trusted relationships with key personnel by doing everything they could to be believable. They created their own research blog, multiple Twitter profiles, and social media accounts to look legitimate.
Having established a credible and robust presence online, they first contacted researchers, claiming to work on similar projects, invited them to collaborate, and infected them with malware when they least expected it.
Hackers used either a malicious backdoor in a custom Visual Studio Project or their own website to propagate the malware. They managed to infect fully patched systems, which indicated they used 0-day vulnerabilities in their attacks.
Check the source.