Google: North Korean APT Gearing Up to Target Security Researchers Again
#1
Information 
Quote:The same North Korean threat actors that targeted security researchers in January appear to be readying a new campaign using a fake company (and associated social-media accounts) that aim to lure security professionals into another cyber-espionage trap.
 
Google discovered the site as well as Twitter and LinkedIn profiles for a fake company called “SecuriElite” that purports to be an offensive security firm located in Turkey, according to a post published Wednesday by the Google Threat Analysis Group (TAG). The company claims to offer pen-tests, software security assessments and exploits, researchers said.
 
However, there are clear indications that the company and its associated websites and profiles are bogus, and actually the work of Zinc, a North Korean advanced persistent threat group (APT) linked to a more notorious APT Lazarus, and later blamed for the January campaign.
 
Moreover, while researchers have seen no evidence yet of nefarious activity from attackers that leverage these web assets, it appears that attackers are gearing up to target security researchers again by the nature of the activity, according to Google TAG.
 
Like previous websites that Google TAG has observed Zinc establish, the SecuriElite website has a link to the group’s PGP public key at the bottom of the page, researchers noted.
 
“In January, targeted researchers reported that the PGP key hosted on the attacker’s blog acted as the lure to visit the site, where a browser exploit was waiting to be triggered,” according to the post.

Read more: North Korean APT Gears Up to Target Security Researchers | Threatpost
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Malwarebytes 5.2.10.182
Malwarebytes 5.2.1...Mohammad.Poorya — 16:46
Microsoft Defender Antivirus security in...
Microsoft Defender...harlan4096 — 13:44
AnyDesk 6.4.3 for Linux
AnyDesk 6.4.3 for ...harlan4096 — 09:51
AnyDesk 9.5.0 for Windows
AnyDesk 9.5.0 for ...harlan4096 — 09:51
Notepad++ v8.7.9 released 2025-04-02
Notepad++ v8.7.9 r...harlan4096 — 09:49

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (44)wapedDow
avatar (48)oapedDow
avatar (41)Sanchowogy
avatar (45)MeighGoask
avatar (46)creatralGuelm
avatar (37)procnipsut
avatar (43)accenwibly
avatar (40)ahyvily
avatar (37)urumahiz
avatar (43)techlignub
avatar (42)Stevenmam
avatar (49)onlinbah
avatar (49)fuspeukChark
avatar (43)werriewWaiNg
avatar (37)Freemanleo
avatar (42)cdoubapKit
avatar (37)lystraPonia
avatar (30)smith8395john
avatar (50)steakelask
avatar (44)Termoplenka
avatar (42)bycoPaist
avatar (48)pieloKat
avatar (42)ilyagNeexy
avatar (50)donitascene
avatar (50)burntLaw
avatar (40)MrDoorsskibheeds
avatar (50)Toligo
avatar (45)Rodneykak
avatar (48)tradeSmode
avatar (38)vemedProkbior
avatar (37)RobertUtelt
avatar (45)JamesZic
avatar (42)Sanfordbup
avatar (37)Der.Reisende

[-]
Online Staff
There are no staff members currently online.

>