Image Courtesy Of Pixabay And Insider Report
Google has discovered that hackers backed by the North Korean government are targeting the news media, IT, cryptocurrency, and fintech industries in the United States and around the world.
This article was written by Brendan Taylor and published by Insider Paper.
The Google Threat Analysis Group (TAG) discovered that two distinct North Korean government-backed attacker groups were attempting to exploit a remote code execution vulnerability in the Chrome browser.
“We suspect that these groups work for the same entity with a shared supply chain, hence the use of the same exploit kit, but each operate with a different mission set and deploy different techniques,” the company said in a blog post.
It’s possible that other North Korean government-backed attackers have access to the same exploit kit, according to the report.
In keeping with ‘Operation Dream Job,’ one campaign targeted over 250 people working for ten different news organisations, domain registrars, web hosting providers, and software vendors.
The targets received emails purporting to be from recruiters at Disney, Google, and Oracle, containing bogus job opportunities.
The emails contained links to bogus job-search websites such as Indeed and ZipRecruiter.
“Victims who clicked on the links would be served a hidden iframe that would trigger the exploit kit,” said Google.
Another North Korean group, dubbed ‘Operation AppleJeus,’ used the same exploit kit to target over 85 users in the cryptocurrency and fintech industries. A
At least two legitimate fintech company websites were compromised, and hidden iframes were hosted to serve the exploit kit to visitors.
“In other cases, we observed fake websites — already set up to distribute trojanised cryptocurrency applications — hosting iframes and pointing their visitors to the exploit kit,” Google informed.
All identified websites and domains were added to ‘Safe Browsing’ upon discovery to protect users from further exploitation.
“We also sent all targeted Gmail and Workspace users government-backed attacker alerts notifying them of the activity,” said Google.
Bernstein analyst Eunice Lee is out with a fascinating note explaining why automakers are making… Read More
The Keir Starmer experiment is officially over, as was growing increasingly clear over the weekend,… Read More
For many Americans, credit cards can feel like a lifeline during difficult times. An unexpected… Read More
Real progress starts with empowering local residents to build. During a recent visit to Rochester,… Read More
Think about the last smartphone, tablet or smartwatch you stopped using. Odds are it is… Read More
Learn how to refine your targeting, eliminate low-quality traffic, and optimize campaign performance so every… Read More
This website uses cookies.