Google has warned information security professionals (infosec) to be wary of North Korean spies who are using social media platforms, such as LinkedIn and Twitter, to target them.
Google’s Threat Analysis Group (TAG) found that North Korean hackers have been impersonating journalists, researchers, and other innocent personalities on phony profiles in an effort to gain the trust of their targets thus the alert was issued. The hackers will next try to steal the target’s personal information or con them into clicking on dangerous links after they have won the target’s trust.
It also found that North Korean hackers are increasingly disseminating propaganda and false information on social media. For instance, North Korean hackers utilized Twitter to distribute fabricated news items regarding the Democratic Party in the lead-up to the 2020 US presidential election.
Google’s Threat Analysis Group (TAG) issued a warning in January 2021 that North Korean hackers had been phishing security researchers. In order to gain the trust of their targets, the hackers pretended to be cybersecurity bloggers using phoney Twitter identities. The hackers would next try to steal the target’s personal information or con them into clicking on dangerous links after they had won the target’s trust.
The TAG also discovered that the hackers were employing SHARPEXT, a brand-new form of malware created specifically to harvest data from active browser sessions. SHARPEXT is a sophisticated malware infection that is challenging to find and get rid of.
North Korean hackers have been accused of carrying out a wide range of cyberattacks, including:
The WannaCry ransomware attack in 2017, infected over 230,000 computers in over 150 countries.
The Sony Pictures hack in 2014, resulted in the release of confidential company documents and the cancellation of the release of the film “The Interview.”
The attack on the Bangladesh Bank in 2016, which resulted in the theft of over $81 million.
The attack on the US Department of Defense in 2020, resulted in the theft of classified information.
The government of North Korea is thought to control the nation’s hackers, who are used to steal money, perform espionage, and disrupt its adversaries. The Sony Pictures breach, the WannaCry ransomware attack, and the Bangladesh Bank theft have all been attributed to North Korea by the US government.
North Korea is a state sponsor of cybercrime, and some of the most talented hackers there are from that country. They are renowned for targeting their victims with spear phishing, malware, and ransomware. Social media platforms have also been used by North Korean hackers to recruit new members and disseminate propaganda.
To combat North Korea’s cyber threats, the United States and other nations have taken action. US sanctions were put in place against North Korean hackers and their financial backers in 2018. Additionally, the United States has collaborated with allies to create joint defences and share information regarding cyber threats from North Korea.
Despite such attempts, the international community continues to face a significant threat from North Korea’s cyberattacks. The nation’s hackers are continuously refining their methods and searching for fresh ways to exploit security holes. It’s crucial to remain on guard and to take precautions against cyberattacks.
If you are an infosecer, there are a few things you can do to protect yourself from North Korean spies:
Be wary of any unsolicited messages from people you don’t know, especially if they come from profiles that look suspicious.
Don’t click on any links in messages from people you don’t know.
Be careful about what information you share on social media, even if it’s just seemingly innocuous information like your job title or where you work.
Keep your security software up to date.
Report any suspicious activity to Google or the relevant social media platform.
Check out these tips which will help you stay safe online:
Use strong passwords and avoid using the same one on many websites.
When possible, enable two-factor authentication.
Be cautious when sharing information online, especially private information like your phone number or address.
Update all of your software, including your web browser, operating system, and antivirus programs.
Any unsolicited emails or messages should raise suspicion, especially if they request personal information.
Report a cyberattack you believe may have targeted you to the appropriate authorities.
You can defend yourself from North Korean hackers and other online dangers by paying attention to these suggestions.