Quote:The same North Korean threat actors that targeted security researchers in January appear to be readying a new campaign using a fake company (and associated social-media accounts) that aim to lure security professionals into another cyber-espionage trap.
Google discovered the site as well as Twitter and LinkedIn profiles for a fake company called “SecuriElite” that purports to be an offensive security firm located in Turkey, according to a post published Wednesday by the Google Threat Analysis Group (TAG). The company claims to offer pen-tests, software security assessments and exploits, researchers said.
However, there are clear indications that the company and its associated websites and profiles are bogus, and actually the work of Zinc, a North Korean advanced persistent threat group (APT) linked to a more notorious APT Lazarus, and later blamed for the January campaign.
Moreover, while researchers have seen no evidence yet of nefarious activity from attackers that leverage these web assets, it appears that attackers are gearing up to target security researchers again by the nature of the activity, according to Google TAG.
Like previous websites that Google TAG has observed Zinc establish, the SecuriElite website has a link to the group’s PGP public key at the bottom of the page, researchers noted.
“In January, targeted researchers reported that the PGP key hosted on the attacker’s blog acted as the lure to visit the site, where a browser exploit was waiting to be triggered,” according to the post.
Read more: North Korean APT Gears Up to Target Security Researchers | Threatpost
![[-]](https://www.geeks.fyi/images/collapse.png)
