InfoSec’s Reaction to North Korea’s Bold Hacking Technique
Cybersecurity researchers were shocked after Google revealed information about a technique North Korea was using to try to hack them. The concept was quite simple. The hacker impersonated a fellow security researcher online. To accomplish this, they built social media profiles, blogs, and other signals of authenticity. Then they started engaging with security researchers. In the course of the interaction, the fake security researcher would ask to send a Visual Studio file to their target.
After opening the file, the cybersecurity researcher was compromised. More variations and details on the attacks are available in Google’s analysis. If the attacks were successful, the whole situation would be quite ironic: impersonating others in order to unleash malware is a foundational attack method. Researchers should be cautious when engaging with unknown people and never open files they send. “InfoSec Twitter” was quick to comment on the situation with tweets and memes. The account names associated with the hacking attempts were Zhang Gao, James Wily, and several others.
Many users are sharing their conversations with the fake researcher.
Others are saying the screenshots are a “flex”, meaning a boast to prove the person’s status.
Some are creating memes.
Finally, one user assumed there was no impact from the campaign because security researchers always follow best practices, right?