An anxious statement appeared by Google stating that North Korea is backing up hackers to steal imperative information from researchers. As per the report, these hackers are using fake social media accounts and pose as security bloggers.
Besides, Google didn't clearly mention the hackers' information or their attempts' success rate. It is said that the strategy behind the attacks is to strengthen their cyber skills so that they can target commonly used computer products; Windows operating system and Google internet browser.
Google researcher, Mr. Adam Weidemann of Threat Analysis Group has mentioned the details in his report about how the hackers set up the fake Twitter accounts and interacted with the targeted researchers.
After connecting with the researchers, the offenders offer a project to them; to work together on a cyber-vulnerability project. Then, they share the malicious tool with the victims to install in their system. This tool contains codes that help the hackers to get into the targeted system and steal the required data.
"At the time of these visits, the victim systems were running fully patched and up-to-date Windows 10 and Chrome browser versions,"
"At this time we're unable to confirm the mechanism of compromise, but we welcome any information others might have."
Besides, North Korea has distinctly denied the allegations.
Interestingly, the country has a negative character with several past cyber attacks cases;
NSHC senior analyst, Simon Choi explained that South Korea has been closely monitoring the cyber attacks of North Korea for the past few years. During the years, the country has improved a lot in terms of cyber skills, especially in identifying and exploiting computer security systems.
"It's notable that the computer security experts on Twitter who said they were approached by the hackers had been engaged in vulnerability research for Chrome and Windows 10,"
"It's not that easy to successfully penetrate these systems that are built with the latest security technologies. For the North Koreans, it makes more sense to steal the vulnerabilities already discovered by the researchers because developing their own ways to exploit these systems is harder."
Don't trust people that you meet on digital platforms. Investigate thoroughly before working or collaborating with new friends.
Follow ISOEH (Indian School of Ethical Hacking) and get cyber security updates regularly. We are serving the industry for years and helping society to prevent cyber attacks.
We are one of the best cyber security institutes in India!