CA News – North Korea targets cybersecurity professionals, according to google

We use navigation cookies (cookies) in order to operate and improve our services as well as for advertising purposes.
Respect for your privacy is important to us if you are not comfortable with this information.
Please check your settings before continuing your visit. Manage cookies for navigation Find out more

Hackers in North Korea, supported by their government, said they had been targeting cybersecurity experts for several months, posing as industry professionals on platforms such as Twitter, LinkedIn, Telegram, Discord et Keybase, Google said in a blog post. ï “(new window) ï ¿

Adam Weidman of Google Threat Analysis Group Says He and His Team Discovered a Campaign [hacking] en cours ciblant des experts en cybersécurité individuels [] dans différentes entreprises et organisations

Although Google does not know the exact objective of the hacking campaign, the company notes that the people targeted are all involved in the search for software vulnerabilities.

Hackers can thus try to find out more about security vulnerabilities that have not yet been revealed., and what? They could use them in future state sponsored attacks, selon The Verge

To achieve their goals, hackers will use a new approach to social engineering, notably by creating a fake blog on cybersecurity and several Twitter accounts to break into anonymity in social media circles and gain credibility by interacting with their potential targets

These accounts are then used to share links and videos of their operation, like the previously announced vulnerability discovery (at least one of these alleged vulnerabilities was completely false, according to google)

After establishing a relationship with the targeted experts, hackers offer to collaborate on a research project, before sending them a project in Visual Studio, which is a bundle of debugging software The development file created by Microsoft is actually a malicious program that takes control of your computer

Google also claims cybersecurity pros were discovered just by visiting the blog created by hackers

In each of these cases, the researchers followed a link on Twitter to a cr0vvvn blog post [I] Shortly after, malware has been installed on their computers, allowing hackers to access it through a backdoor. E (back door), as Adam Weidman explains

Google claims all victims were working with updated version of Windows 10 and the Chrome browser

Please note that Radio Canada does not endorse the opinions expressed Your comments will be moderated and published if they match the channel Have a good discussion!

Important in order to promote rich exchanges, respectful and constructive, chaque commentaire est posté sur les forums de Radio Canada Il sera désormais signé avec le (s) last name (s) and first name (s) of its author (except for the youth area ) Le nom d’utilisateur (alias) will no longer be displayed

By sending us your comments, you acknowledge that Radio Canada reserves the right to reproduce and broadcast them, in whole or in part, and in any way.

The Saskatchewan Information and Privacy Commissioner presented his report on e-health which was the victim of a cyberattack against …

Making hacking fun and accessible is the mission of the creators of Flipper Zero

According to Microsoft, the security of its services or of its customers' data has not been compromised.

Microsoft, Cisco, Dell and Google on Monday joined Facebook's legal battle against NSO group

Starlink and Project Kuiper are said to provide high speed internet service from space

The social network wants to stand out from the competition by focusing on the quality of the companies created

Birdwatch invites netizens to participate in Twitter fact-check

North Korea, Google, security, IT security