 "North Korean hackers target security researchers with convincing fake profiles")
New Delhi: Hackers connected to the North Korean government have in recent years posed as recruiters with offers of extravagant jobs at big-name firms with massive salaries to target workers in a variety of industries, a new research reveals. This campaign has mostly been carried out via email in the past few years. But now these hackers have shifted these phishing attempts to LinkedIn and WhatsApp. The research was carried out by security firm Mandiant. Researchers claimed that they first noticed the phishing campaign last June, targeting a US-based customer in the technology industry. Hackers first made convincing fake profiles on LinkedIn and then reached out to people with phoney job offers. If convinced, they asked the victims to move the conversation over to WhatsApp. After that, they would send a phishing payload disguised as a job description, primarily in the form of customised Microsoft Word documents embedded with macros that would pull malware from a remote server. In this campaign, hackers made an effort to infect targets with three new malware families, Touchmove, Sideshow, and Touchshift, according to Mandiant. The hackers in these attacks also demonstrated new capabilities to counter endpoint detection tools while operating within the cloud environments of their targets. This North Korean threat actor is “one of the more skilled groups coming out of this closed off nation,” according to Michael Barnhart, a principal analyst at Mandiant. The group used a variety of new tools to target security researchers, reported Cyberscoop. According to Mandiant’s report, while earlier campaigns primarily targeted the media, technology, and defence sectors, this more recent effort specifically targeted security researchers, possibly indicating “a shift in strategy or an expansion of its operations.” With inputs from agencies Read all the Latest News , Trending News , Cricket News , Bollywood News , India News and Entertainment News here. Follow us on Facebook, Twitter and Instagram.
This campaign has mostly been carried out via email in the past few years. But now these hackers have shifted these phishing attempts to LinkedIn and WhatsApp
Advertisement
End of Article
 "Russian drones over Poland: Trump’s tepid reaction a wake-up call for Nato?")
 "As Russia pushes east, Ukraine faces mounting pressure to defend its heartland")
 "Why Mossad was not on board with Israel’s strike on Hamas in Qatar")
 "Turkey: Erdogan's police arrest opposition mayor Hasan Mutlu, dozens officials in corruption probe")
 "Russian drones over Poland: Trump’s tepid reaction a wake-up call for Nato?")
 "As Russia pushes east, Ukraine faces mounting pressure to defend its heartland")
 "Why Mossad was not on board with Israel’s strike on Hamas in Qatar")
 "Turkey: Erdogan's police arrest opposition mayor Hasan Mutlu, dozens officials in corruption probe")
