Friday, March 29, 2024

Google reveals North Korean-backed campaign targeting security researchers

Must read

[ad_1]

Google’s TAG team said the attackers had contacted their intended victims, asking to collaborate in the search for vulnerabilities. Besides Twitter, they also used LinkedIn, Telegram, Discord, Keybase, and email to reach their targets, sending them a Microsoft Visual Studio project containing malware to gain access to their systems. In some cases, victims’ computers have been compromised after visiting a bad actor’s blog after following a link on Twitter. Both methods led to the installation of a backdoor on the victims’ computers that connected them to a command and control server controlled by the attacker.

Victims’ systems were compromised while running fully patched and up to date Windows 10 and Chrome browsers. Google’s TAG team has only seen attackers target Windows systems, so far, but they still can’t confirm “the compromise mechanism” and encourages researchers to submit Chrome’s vulnerabilities to its bounty program. bugs. The team also listed all the websites controlled by the actors and accounts that they identified as part of the campaign.



[ad_2]

- Advertisement -spot_img

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement -spot_img

Latest article