Hackers in the service of the North Korean government are using social networks to attack digital security researchers, according to the Google. The Mountain View company claims to have identified several situations where fake accounts on famous platforms have been used to identify and exploit vulnerabilities on specialist machines.
According to the company, North Korea has been sponsoring hackers to create fake profiles that approach researchers to “invite them to write” on fake blogs from security. When one of these guests is a researcher, the invaders invite you to participate in research and discovery of bugs in computer programs. From there, they share “tools” that are actually disguises for malicious code that infiltrate their victims' computers.
In some cases, North Korean hackers were able to establish a secret entrance (backdoor) in the attacked systems, even when it was fully updated, running more secure versions of Windows 10 and browser Google Chrome. The idea is to find flaws that researchers might be studying, to take advantage of them before they are reported to the respective companies.
Social engineering in attacks
After the report by Google, several digital security experts spoke on Twitter, saying they were approached by the hackers, but were not compromised.
However, as the problem is more focused on social engineering and not a specific computer failure, there’s not much Google can do but reinforce recommendations for human interaction over the internet.
It is not the first time that North Korea has made headlines in this regard. In 2020, hackers linked to the country's government were implicated in attacks on research companies vaccine Covid-19, in order to steal confidential information pertinent to the studies of immunizers and, eventually, patients and test volunteers.
Analysts say North Korea employs highly skilled hackers for scams of all kinds, from small individual scams to theft of criptomoedas and military information from other countries.
Source: Ars Technica