North Korean-Backed Group Sets Up Fake Security Company, Google Says

Threat actors working on behalf of North Korea posed as security researchers on social media in a campaign to compromise employees of security companies, according to a Google report.
The threat actors” ability and willingness to go after security researchers only shows how serious the campaign really was. It”s not a common occurrence in the cybersecurity world, making the campaign all the more interesting.
A few months ago, Google identified a campaign targeting security researchers working on vulnerability research, which they attributed to a group working for North Korea. The attackers set up a blog, fake contacts and Twitter profiles, then posted videos and used social media to amplify their work.
Now, the group is back, but this time they set up a fake company named SecuriElite, located in Turkey. The primary modus operandi is similar, with the attackers going after the same type of targets.
“The new website claims the company is an offensive security company located in Turkey that offers pentests, software security assessments and exploits,” said Threat Analysis Group”s Adam Weidemann.
“Like previous websites we”ve seen set up by this actor, this website has a link to their PGP public key at the bottom of the page. In January, targeted researchers reported that the PGP key hosted on the attacker”s blog acted as the lure to visit the site where a browser exploit was waiting to be triggered,” he explained.
This time, the group set up a few fake LinkedIn profiles and tried to establish a legitimate company. The attackers have yet to deploy any malicious content, but Google informed LinkedIn of the fake profiles. In the previous campaign, their primary attack vector was an Internet Explorer zero-day, which likely means they have others ready to use.
Google published a complete list of actor-controlled sites and accounts.
tags
Author
Right now
Top posts
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight
April 15, 2022
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users
April 14, 2022
Why and how to hide your IP address while traveling
April 13, 2022
How Bitdefender Can Help Restore Your Privacy in the Digital Age
April 04, 2022
How Strong is VPN Encryption?
February 28, 2022
Top Three Ways Internet Users Unknowingly Help Cybercriminals
February 25, 2022