ADVERTISEMENT

North Korea has been targeting threat researchers

Man in front of multiple computers
Chris Stokel-Walker
Chris Stokel-Walker Contributor
Jan 27, 2021 Updated: 28 September 2021 3 min read
When the hunters become the hunted.
“In order to build credibility and connect with security researchers, the actors established a research blog and multiple Twitter profiles to interact with potential targets.”
explained Adam Weidemann of Google’s Threat Analysis Group

It began with a blog

ADVERTISEMENT
“Their blog contains write-ups and analysis of vulnerabilities that have been publicly disclosed, including ‘guest’ posts from unwitting legitimate security researchers, likely in an attempt to build additional credibility with other security researchers.”
said Adam Weidemann

Winning trust and taking victims

“These actors have used multiple platforms to communicate with potential targets, including Twitter, LinkedIn, Telegram, Discord, Keybase and email.”
said Adam Weidemann
ADVERTISEMENT