"Google releases alarming report about North Korean hackers posing as security analysts... Google unveiled a new report from its Threat Analysis Group on Monday highlighting the work of a group of cyberattackers associated with the government of North Korea that sought to impersonate cybersecurity researchers in an effort to target those 'working on vulnerability research and development at different companies and organizations.'... ...the attackers used a variety of fake blogs, Twitter accounts and LinkedIn profiles to make themselves look legitimate and communicate with researchers and analysts they were hoping to go after. '...After establishing initial communications, the actors would ask the targeted researcher if they wanted to collaborate on vulnerability research together, and then provide the researcher with a Visual Studio Project'... 'Within the Visual Studio Project would be source code for exploiting the vulnerability, as well as an additional DLL that would be executed through Visual Studio Build Events. The DLL is custom malware that would immediately begin communicating with actor-controlled C2 domains.'..." https://www.techrepublic.com/articl...-posing-as-security-analysts/#ftag=RSS56d97e7
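The Build Events delivery described in the quoted report can be checked for before a received project is opened or built. The following is an added example, not part of the thread or the cited reports: it lists every build-step command in a Visual Studio project file and flags those that invoke a launcher or reference a DLL. The `SUSPICIOUS` pattern and the sample project are assumptions constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

EVENT_TAGS = {"PreBuildEvent", "PreLinkEvent", "PostBuildEvent"}
# Assumed heuristic (not taken from the reports): launchers and DLL references
# that deserve a manual look when they appear in a build step.
SUSPICIOUS = re.compile(
    r"\b(rundll32|regsvr32|powershell|mshta|wscript|cscript)\b|\.dll\b", re.I)

def local(tag):
    """Strip the MSBuild XML namespace from a tag name."""
    return tag.rsplit("}", 1)[-1]

def build_event_commands(project_xml):
    """Return (event, command, suspicious) for each build-step command found."""
    found = []
    for elem in ET.fromstring(project_xml).iter():
        name = local(elem.tag)
        if name in EVENT_TAGS:
            # .vcxproj nests <Command>; old-style .csproj holds the text directly.
            cmds = [c.text for c in elem if local(c.tag) == "Command"] or [elem.text]
        elif name == "Exec":
            # SDK-style projects run commands through an <Exec> task in a <Target>.
            name, cmds = "Exec task", [elem.get("Command")]
        else:
            continue
        for cmd in cmds:
            if cmd and cmd.strip():
                found.append((name, cmd.strip(), bool(SUSPICIOUS.search(cmd))))
    return found

# Constructed sample project; file and export names are placeholders.
SAMPLE_VCXPROJ = """<Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  <ItemDefinitionGroup>
    <PreBuildEvent>
      <Command>rundll32.exe helper\\example.dll,ExampleExport</Command>
    </PreBuildEvent>
    <PostBuildEvent>
      <Command>copy "$(TargetPath)" "$(SolutionDir)bin"</Command>
    </PostBuildEvent>
  </ItemDefinitionGroup>
</Project>"""

if __name__ == "__main__":
    for event, cmd, flag in build_event_commands(SAMPLE_VCXPROJ):
        print(("REVIEW " if flag else "ok     ") + event + ": " + cmd)
```

Run it over every `.vcxproj` and `.csproj` in a received archive from a text-only context, since opening the solution in the IDE and building it is what triggers the build events.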
That is one hell of a genius idea. Trying to hack the people who find zero-day exploits and harvest 'em by using your own zero-day exploit, 300 IQ right here. Seems like the majority of 'em failed though, minus that one guy that got compromised because his browser was non-restricted. I mean, as a home user I have no reason to be afraid, but if you're a high-value target it's just dumb not to sandbox or restrict your browser so even in the event of it getting compromised nothing happens.
And seems like a couple of Chrome zero-day exploits were being used to hack them, I'm guessing it's a combo between a Chrome and Windows exploit in order to escape the sandbox. So perhaps it's still a good idea to use anti-exploit protection even though home users will normally not encounter these kinds of advanced exploits, but you never know. https://www.microsoft.com/security/blog/2021/01/28/zinc-attacks-against-security-researchers/
"Internet Explorer was to blame for spate of recent cyberattacks In a major revelation, security researchers have discovered that a yet-unpatched vulnerability in Microsoft’s venerable Internet Explorer (IE) web browser was responsible for the spate of attacks against security researchers reported last month. Google’s Threat Analysis Group (TAG) last month disclosed that a North Korean state-sponsored hacking group employed various means, including creating elaborate fake personas to engage with the researchers, in their bid to break into their workstations. Now, according to reports, South Korean security firm ENKI has identified a previously undisclosed zero-day vulnerability in IE, which they claim has been exploited in these recent attacks... According to the report, ENKI is in touch with Microsoft who’ve requested further details from the Korean company..." https://www.techradar.com/news/internet-explorer-was-to-blame-for-spate-of-recent-cyberattacks
Which of these researchers is using IE in 2021... They should get their job revoked (if they really used IE). Well, maybe they were researching IE...
We encountered one of our customers using IE last week. A lot of businesses, especially larger ones, are slow to move. I'm still wondering where North Korea got hackers. I thought they barely had internet...
"How North Korea's Hackers Became Dangerously Good... North Korea is cultivating elite hackers much like other countries train Olympic athletes, according to defectors and South Korean cyber and intelligence experts. Promising students are identified as young as 11 years old and funneled into special schools, where they are taught hacking and how to develop computer viruses. 'Once you have been selected to get into the cyber unit, you receive a title that makes you a special citizen, and you don’t have to worry about food and the basic necessities,' says a defector familiar with North Korea’s cyber training..." [Interesting read] https://www.lopinion.fr/edition/wsj/how-north-korea-s-hackers-became-dangerously-good-147906
LOL, fully agree. And if you are foolish enough to use IE, then at least protect it with anti-exploit like HMPA, MBAE or Sandboxie.
For all of the countless memes with pics of Un holding a floppy disk, you have to suspect they don't have a lot of advanced tech, or at least didn't.