Google said that the North Korean Hackers are again started targeting the security researchers using fake social media accounts.
According to Google Threat Analysis Group (TAG) said that the attackers will create a fake organization identified as SecuriElite which is located in Turkey and the organization is offering multiple security services.
As the Google security team focused on the website they focused to hunt it down from the 17th of March. The hackers use fake Twitter and Linked-In accounts and Google disabled these accounts after they know the accounts are linked with this attack.
However, the experts identified the attack in January 2021 and the website was hosted by the hackers by using the public key which is used to infect the security researchers having the malware that triggers the browser that exploits by opening the web-page.
Whereas, these types of attacks are stated from very early before the websites named as SecuriElite wasn’t created and used for delivering the malicious payloads to the users. The experts also said that this time we are not aware of this new attacker and the website that serves the malicious content but we are using Google Safe-browsing while revoking the attacks.
According to the investigation, the experts said that these attackers are very dangerous and utilized multiple zero days.
How they Targets Zero-Days Malware?
In January 2021, the North Korean Hackers identified as Lazarus Group targeted the security researchers by using the social engineering techniques and fake accounts that trapped the researchers. In these types of attacks, the hackers sent the malicious Visual Studio Project links that are connected to the website hosting exploit which is further used or designed for executing the backdoors and targeted the security researchers.
Some security researchers are using the fully updated version of Windows and also executing the most recent version of Google Chrome are got trapped in these attacks that shows that hackers are accessing some zero-day vulnerabilities while infecting the device.
Apart from this, another Internet Zero-Day Exploit was discovered by Cybersecurity hackers. However, Microsoft also reported about these attacks which were further identified as Lazarus Operators that were used for sending emails from the malicious java-script to the security researchers.
