• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

North Korean Hackers Impersonate Researchers to Steal Intel

You are here: Home / General Cyber Security News / North Korean Hackers Impersonate Researchers to Steal Intel
December 12, 2022

A prolific North Korean state hacking group has gone back to fundamentals in a new try to realize Western thinking about the hermit nation, according to Microsoft.

Instead of employing spear-phishing emails and/or covert info-thieving malware, the hackers are applying rather very simple impersonation methods to get the details they want, the Microsoft Menace Intelligence Centre (MSTIC) instructed Reuters.

They are doing this by sending emails to researchers and foreign affairs analysts, spoofed to look as if sent by journalists and peers in the field. These missives will question straight out for the experts’ feelings on North Korean security issues or even supply them revenue to create reports.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


1 goal, US-based mostly analyst Daniel DePetris, advised the newswire that he received e-mails from a purported assume-tank researcher inquiring for a paper submission or remarks on a draft.

A single apparently provided him $300 to critique a document about North Korea’s nuclear software and questioned for recommendations for other doable reviewers.

In yet another incident, a faked Kyodo Information reporter reached out to a staffer at expert analyst house 38 North asking how they considered the war in Ukraine impacted North Korea, as very well as US, Chinese and Russian insurance policies.

The 38 North director Jenny City was also impersonated in an email despatched to DePetris asking for information and facts. He said the emails bundled reliable-hunting logos and email signatures, so only when he followed up with the genuine Jenny City did he realize it was a rip-off.

The new marketing campaign has been working since January and is attributed to the North Korean Kimsuky (Thallium) group.

It’s equally quicker and much easier to elicit details from sure sources this way, somewhat than operating spear-phishing campaigns, creating malware and then wading through compromised email inboxes for the proper intelligence.

“The attackers are receiving the info straight from the horse’s mouth, if you will, and they never have to sit there and make interpretations since they are receiving it specifically from the qualified,” said MSTIC team member James Elliott.

“The attackers are obtaining a ton of good results with this really, extremely straightforward system. For us as defenders, it is really, definitely tough to cease these email messages.”


Some components of this short article are sourced from:
www.infosecurity-journal.com

Previous Post: «Cyber Security News Researchers Find 63 Zero-Day Bugs at Latest Pwn2Own
Next Post: Transitive Dependencies Account for 95% of Bugs Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Russian Turla Hackers Hijack Decade-Old Malware Infrastructure to Deploy New Backdoors
  • WhatsApp Unveils Proxy Support to Tackle Internet Censorship
  • Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub
  • Blind Eagle Hacking Group Targets South America With New Tools
  • US Family Planning Non-Profit MFHS Confirms Ransomware Attack
  • Microsoft Reveals Tactics Used by 4 Ransomware Families Targeting macOS
  • Dridex Malware Now Attacking macOS Systems with Novel Infection Method
  • Cyber attacks on UK organisations surged 77% in 2022, new research finds
  • WhatsApp to combat internet blackouts with proxy server support
  • The IT Pro Podcast: Going passwordless

Copyright © TheCyberSecurity.News, All Rights Reserved.