Skip to main content

North Korea-backed hackers target security researchers with 0-day

posted onSeptember 7, 2023
by l33tdawg
Arstechnica
Credit: Arstechnica

North Korea-backed hackers are once again targeting security researchers with a zero-day exploit and related malware in an attempt to infiltrate computers used to perform sensitive investigations involving cybersecurity.

The presently unfixed zero-day—meaning a vulnerability that’s known to attackers before the hardware or software vendor has a security patch available—resides in a popular software package used by the targeted researchers, Google researchers said Thursday. They declined to identify the software or provide details about the vulnerability until the vendor, which they privately notified, releases a patch. The vulnerability was exploited using a malicious file the hackers sent the researchers after first spending weeks establishing a working relationship.

Malware used in the campaign closely matches code used in a previous campaign that was definitively tied to hackers backed by the North Korean government, Clement Lecigne and Maddie Stone, both researchers in Google’s Threat Analysis Group, said. That campaign first came to public awareness in January 2021 in posts from the same Google research group and, a few days later, Microsoft.

Source

Tags

Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th