Threat actors working on behalf of North Korea posed as security researchers on social media in a campaign to compromise employees of security companies, according to a Google report.
The threat actors’ ability and willingness to go after security researchers only shows how serious the campaign really was. It’s not a common occurrence in the cybersecurity world, making the campaign all the more interesting.
A few months ago, Google identified a campaign targeting security researchers working on vulnerability research, which they attributed to a group working for North Korea. The attackers set up a blog, fake contacts and Twitter profiles, then posted videos and used social media to amplify their work.