North Korea’s elaborate 0-day campaign hits Security Researchers

by | January 26, 2021 | Cybersecurity News

Hackers pretending to be security researchers infect multiple systems with malicious backdoor by befriending analysts.

A very ingenious social engineering campaign allowed North Korean hackers to infect multiple companies with a malicious backdoor. Their strategy was to build trusted relationships with key personnel by doing everything they could to be believable. They created their own research blog, multiple Twitter profiles, and social media accounts to look legitimate.

Having a credible and robust presence online, they first contacted researchers claiming to work on similar projects, invited them to collaborate, and infect them with malware when they least expected it.

Hackers used either a malicious backdoor in a custom Visual Studio Project or their own website to propagate the malware. They managed to infect fully patched systems, which indicated they used 0-day vulnerabilities in their attacks.

Check the source.


Read More

by Dan Florian

Product owner and co-founder of ATTACK Simulator. Dan likes to code, is passionate about design, and loves running and swimming.

There’s no reason to postpone training your employees

Get a quote based on your organization’s needs and start building a strong cyber security infrastructure today.