Google’s Threat Analysis Group (TAG) has provided an update on the targeting of security researchers by North Korean threat actors. TAG has been monitoring and disrupting campaigns from these actors over the past two and a half years, finding and protecting against 0-day exploits. They have recently identified a new campaign that is likely from the same actors, using similar tactics as before. The threat actors build rapport with their targets on social media, then move to encrypted messaging apps to send malicious files containing 0-day exploits. TAG is urging security researchers to stay vigilant and be aware of potential government-backed attackers. They are also working to improve the safety and security of Google’s products to protect users from further exploitation.
https://blog.google/threat-analysis-group/active-north-korean-campaign-targeting-security-researchers/