{"id":832,"date":"2021-01-27T18:36:55","date_gmt":"2021-01-27T13:06:55","guid":{"rendered":"https:\/\/xiarch.com\/blog\/?p=832"},"modified":"2021-06-07T10:34:50","modified_gmt":"2021-06-07T05:04:50","slug":"north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches","status":"publish","type":"post","link":"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/","title":{"rendered":"North Korean Hackers Targeting Security Experts to Reveal Confidential Researches"},"content":{"rendered":"\n<p><p style=\"text-align: justify\">On 25th January 2021, Google uncovered an ongoing campaign carried out by attackers from North Korea who are now targeting security researchers to obtain their confidential information.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify\">The Threat Analysis Group (TAG) shared that the attackers used Twitter, Telegram, LinkedIn, Discord, and other social media platforms to communicate with researchers and build their trust.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify\">This entire attack was well planned and was designed to steal information, leak confidential information, or allow the attackers to take the attack to another level.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify\">According to the researcher, the hackers created 5 fake LinkedIn accounts and 10 fake Twitter accounts, which were used to engage with researchers, share videos related to the exploit, and retweet other attacker-controlled accounts.<\/p><\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img decoding=\"async\" loading=\"lazy\" width=\"728\" height=\"595\" src=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/01\/north-koren-hacker-target-security.jpg\" alt=\"North Korean Hackers Targeting Security Experts to Reveal Confidential Researches\" class=\"wp-image-833\" 
srcset=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/01\/north-koren-hacker-target-security.jpg 728w, https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/01\/north-koren-hacker-target-security-300x245.jpg 300w\" sizes=\"(max-width: 728px) 100vw, 728px\" \/><\/figure><\/div>\n\n\n\n<p><p style=\"text-align: justify\">The hackers used a Twitter account to share a YouTube video, and the compromised account claimed that the exploit found in Windows Defender, named CVE-2021-1647, was patched, but in reality, the exploit is fake.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify\">The group of hackers was also said to have used a novel social engineering method to compromise security researchers: asking whether they were interested in working together on finding upcoming vulnerabilities, and then targeting them with the help of a Visual Studio project.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify\">This project contains the source code for exploiting the vulnerabilities and installs custom malware that establishes communication with a remote command-and-control server to run arbitrary commands on the infected system.<\/p><\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img decoding=\"async\" loading=\"lazy\" width=\"728\" height=\"562\" src=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/01\/north-koren-hacker-target-security-image1.jpg\" alt=\"North Korean Hackers Targeting Security Experts to Reveal Confidential Researches\" class=\"wp-image-834\" srcset=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/01\/north-koren-hacker-target-security-image1.jpg 728w, https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/01\/north-koren-hacker-target-security-image1-300x232.jpg 300w\" sizes=\"(max-width: 728px) 100vw, 728px\" \/><\/figure><\/div>\n\n\n\n<p><p style=\"text-align: justify\">The researcher also said that the malware delivered through the 
project shares code similarities with another piece of malware, Manuscrypt, a previously known Windows backdoor created by the Lazarus Group.<\/p><\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img decoding=\"async\" loading=\"lazy\" width=\"600\" height=\"459\" src=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/01\/north-korea-hackers.png\" alt=\"North Korean Hackers Targeting Security Experts to Reveal Confidential Researches\" class=\"wp-image-835\" srcset=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/01\/north-korea-hackers.png 600w, https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/01\/north-korea-hackers-300x230.png 300w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/figure><\/div>\n\n\n\n<p><p style=\"text-align: justify\">TAG also said that in several cases researchers were infected after visiting the blog, with malicious services installed on the machine.<\/p><\/p>\n\n\n\n<p><p style=\"text-align: justify\">The victims&#8217; systems were running up-to-date and fully patched versions of Windows 10 and the Chrome web browser. It was also found that the attackers are exploiting zero-day vulnerabilities in Windows 10 and Chrome while deploying the malware.<\/p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Conclusion<\/strong><\/h2>\n\n\n\n<p><p style=\"text-align: justify\">We recommend that you use separate physical or virtual machines for web browsing and interacting with others in the research community. Also, stay alert when receiving files from third-party applications, and don\u2019t click on any unwanted links if you don\u2019t want to become a victim of these issues.<\/p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>On 25th January 2021, Google uncovered an ongoing campaign carried out by attackers from North Korea who are now targeting security researchers to obtain their confidential information. 
The Threat Analysis Group (TAG) shared that the attackers used Twitter, Telegram, LinkedIn, Discord, and other social media platforms to communicate with researchers and build their trust. This entire attack [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":838,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[6],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.11 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>North Korean Hackers Targeting Security Experts to Reveal Confidential Researches - Xiarch Solutions Private Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"North Korean Hackers Targeting Security Experts to Reveal Confidential Researches - Xiarch Solutions Private Limited\" \/>\n<meta property=\"og:description\" content=\"On 25th January 2021, Google uncovered an ongoing campaign carried out by attackers from North Korea who are now targeting security researchers to obtain their confidential information. The Threat Analysis Group (TAG) shared that the attackers used Twitter, Telegram, LinkedIn, Discord, and other social media platforms to communicate with researchers and build their trust. 
This entire attack [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/\" \/>\n<meta property=\"og:site_name\" content=\"Xiarch Solutions Private Limited\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/xiarch\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-27T13:06:55+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-06-07T05:04:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/01\/north-korea-hacker-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2116\" \/>\n\t<meta property=\"og:image:height\" content=\"1169\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Xiarch Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@xiarch\" \/>\n<meta name=\"twitter:site\" content=\"@xiarch\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Xiarch Security\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/\"},\"author\":{\"name\":\"Xiarch Security\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\"},\"headline\":\"North Korean Hackers Targeting Security Experts to Reveal Confidential Researches\",\"datePublished\":\"2021-01-27T13:06:55+00:00\",\"dateModified\":\"2021-06-07T05:04:50+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/\"},\"wordCount\":388,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"articleSection\":[\"Vulnerabilities\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/\",\"url\":\"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/\",\"name\":\"North Korean Hackers Targeting Security Experts to Reveal Confidential Researches - Xiarch Solutions Private 
Limited\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#website\"},\"datePublished\":\"2021-01-27T13:06:55+00:00\",\"dateModified\":\"2021-06-07T05:04:50+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/xiarch.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"North Korean Hackers Targeting Security Experts to Reveal Confidential Researches\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/xiarch.com\/blog\/#website\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"name\":\"Xiarch Solutions Private Limited\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/xiarch.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required 
name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\",\"name\":\"Xiarch\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"contentUrl\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"width\":300,\"height\":300,\"caption\":\"Xiarch\"},\"image\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/xiarch\/\",\"https:\/\/twitter.com\/xiarch\",\"https:\/\/www.linkedin.com\/company\/xiarch\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\",\"name\":\"Xiarch Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"caption\":\"Xiarch Security\"},\"sameAs\":[\"https:\/\/xiarch.com\/blog\/\"],\"url\":\"https:\/\/xiarch.com\/blog\/author\/vector\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"North Korean Hackers Targeting Security Experts to Reveal Confidential Researches - Xiarch Solutions Private Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/","og_locale":"en_US","og_type":"article","og_title":"North Korean Hackers Targeting Security Experts to Reveal Confidential Researches - Xiarch Solutions Private Limited","og_description":"On 25th January 2021, Google uncovered an ongoing campaign carried out by attackers from North Korea who are now targeting security researchers to obtain their confidential information. The Threat Analysis Group (TAG) shared that the attackers used Twitter, Telegram, LinkedIn, Discord, and other social media platforms to communicate with researchers and build their trust. This entire attack [&hellip;]","og_url":"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/","og_site_name":"Xiarch Solutions Private Limited","article_publisher":"https:\/\/www.facebook.com\/xiarch\/","article_published_time":"2021-01-27T13:06:55+00:00","article_modified_time":"2021-06-07T05:04:50+00:00","og_image":[{"width":2116,"height":1169,"url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/01\/north-korea-hacker-1.jpg","type":"image\/jpeg"}],"author":"Xiarch Security","twitter_card":"summary_large_image","twitter_creator":"@xiarch","twitter_site":"@xiarch","twitter_misc":{"Written by":"Xiarch Security","Est. 
reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/#article","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/"},"author":{"name":"Xiarch Security","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c"},"headline":"North Korean Hackers Targeting Security Experts to Reveal Confidential Researches","datePublished":"2021-01-27T13:06:55+00:00","dateModified":"2021-06-07T05:04:50+00:00","mainEntityOfPage":{"@id":"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/"},"wordCount":388,"commentCount":0,"publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"articleSection":["Vulnerabilities"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/","url":"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/","name":"North Korean Hackers Targeting Security Experts to Reveal Confidential Researches - Xiarch Solutions Private 
Limited","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/#website"},"datePublished":"2021-01-27T13:06:55+00:00","dateModified":"2021-06-07T05:04:50+00:00","breadcrumb":{"@id":"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/xiarch.com\/blog\/north-korean-hackers-targeting-security-experts-to-reveal-confidential-researches\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/xiarch.com\/blog\/"},{"@type":"ListItem","position":2,"name":"North Korean Hackers Targeting Security Experts to Reveal Confidential Researches"}]},{"@type":"WebSite","@id":"https:\/\/xiarch.com\/blog\/#website","url":"https:\/\/xiarch.com\/blog\/","name":"Xiarch Solutions Private Limited","description":"","publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/xiarch.com\/blog\/?s={search_term_string}"},"query-input":"required 
name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/xiarch.com\/blog\/#organization","name":"Xiarch","url":"https:\/\/xiarch.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","contentUrl":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","width":300,"height":300,"caption":"Xiarch"},"image":{"@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/xiarch\/","https:\/\/twitter.com\/xiarch","https:\/\/www.linkedin.com\/company\/xiarch"]},{"@type":"Person","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c","name":"Xiarch Security","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","caption":"Xiarch 
Security"},"sameAs":["https:\/\/xiarch.com\/blog\/"],"url":"https:\/\/xiarch.com\/blog\/author\/vector\/"}]}},"_links":{"self":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/832"}],"collection":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/comments?post=832"}],"version-history":[{"count":1,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/832\/revisions"}],"predecessor-version":[{"id":837,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/832\/revisions\/837"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media\/838"}],"wp:attachment":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media?parent=832"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/categories?post=832"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/tags?post=832"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}