Google has revealed that a number of cyber-security researchers who are focused on vulnerability research have been targetted by a North Korean government hacking group.
Google’s Threat Analysis Group (TAG), who is a security team specialised in discovering advanced persistent threat (APT) groups, first noticed the attacks. Google’s TAG published a report outlining the attack, explaining that North Korean hackers contacted security researchers using fake personas on multiple profiles across a range of various social networks, such as Telegram, LinkedIn, Twitter, Keybase and Discord.
Adam Weidemann, a security researcher from Google’s TAG, said, “after establishing initial communications, the actors would ask the targeted researcher if they wanted to collaborate on vulnerability research together, and then provide the researcher with a Visual Studio Project.”