Hackers pretending to be security researchers infect multiple systems with malicious backdoor by befriending analysts.
A very ingenious social engineering campaign allowed North Korean hackers to infect multiple companies with a malicious backdoor. Their strategy was to build trusted relationships with key personnel by doing everything they could to be believable. They created their own research blog, multiple Twitter profiles, and social media accounts to look legitimate.
Having a credible and robust presence online, they first contacted researchers claiming to work on similar projects, invited them to collaborate, and infect them with malware when they least expected it.
Hackers used either a malicious backdoor in a custom Visual Studio Project or their own website to propagate the malware. They managed to infect fully patched systems, which indicated they used 0-day vulnerabilities in their attacks.
Check the source.
- Most Companies Aren’t Ready For The Greatest Cyber Threat Of 2021 – RansomwareOne would think that ransomware, currently the most significant cyber threat out there, keeps all organizations on edge and […]
- Patch These 5 Vulnerabilities Now To Protect Your Company From Ransomware AttacksHackers are actively exploiting years-old security vulnerabilities to launch ransomware attacks because organizations skip on patching them. Some of […]
- Fileless And Encrypted Malware Saw Massive Growth in Q2 2021A new report analyzing malware trends in the second quarter of 2021 shows that cyber threats are becoming stealthier, […]
- Massive Phishing Attack Hits At Least 6,000 Coinbase UsersCrypto exchange Coinbase confirmed that funds were stolen from at least 6,000 accounts in a vast phishing attack this […]
- The 3 Top Ransomware Threats Might Surprise YouNo, it’s not Revil, Ragnar Locker, BlackMatter, or Conti to make it to the top three ransomware threats responsible […]