Hackers pretending to be security researchers infect multiple systems with malicious backdoor by befriending analysts.
A very ingenious social engineering campaign allowed North Korean hackers to infect multiple companies with a malicious backdoor. Their strategy was to build trusted relationships with key personnel by doing everything they could to be believable. They created their own research blog, multiple Twitter profiles, and social media accounts to look legitimate.
Having a credible and robust presence online, they first contacted researchers claiming to work on similar projects, invited them to collaborate, and infect them with malware when they least expected it.
Hackers used either a malicious backdoor in a custom Visual Studio Project or their own website to propagate the malware. They managed to infect fully patched systems, which indicated they used 0-day vulnerabilities in their attacks.
Check the source.
Read More
- Fresh COVID-19 Phish: Cybercrooks Impersonate Pfizer In Request For Quotation ScamBad guys exploiting the COVID-19 pandemic is nothing new under the sun. However, the newest highly-targeted phishing campaign impersonating […]
- Ransomware Attack Hits McMenamins; 2,700 Employee Records Potentially LeakedA recent attack targeted McMenamins, a popular family-run chain of hotels, restaurants, and breweries. The company is still experiencing […]
- The Number Of Double-Extortion Ransomware Victims Sees Massive 935% Increase In 2021A jaw-dropping three-digit spike in the number of companies hit with double-extortion ransomware attacks, most likely due to easy […]
- Cybercrooks Aiming To Take Over 1.6M WordPress Sites In Active AttackThreat actors are actively exploiting security flaws in four plugins and Epsilon themes to assign themselves administrative accounts and […]
- Cuba Ransomware Group Raked In $44M In Payouts, The FBI SaysThe Cuba ransomware gang is a wide range of tools and malware to launch and conduct attacks targeting organizations […]
