North Korean Hackers Have Targeted Security Researchers Via Social Media (zdnet.com) 15
Google said today that a North Korean government hacking group has targeted members of the cyber-security community engaging in vulnerability research. From a report: The attacks have been spotted by the Google Threat Analysis Group (TAG), a Google security team specialized in hunting advanced persistent threat (APT) groups. In a report published earlier today, Google said North Korean hackers used multiple profiles on various social networks, such as Twitter, LinkedIn, Telegram, Discord, and Keybase, to reach out to security researchers using fake personas. Email was also used in some instances, Google said. "After establishing initial communications, the actors would ask the targeted researcher if they wanted to collaborate on vulnerability research together, and then provide the researcher with a Visual Studio Project," said Adam Weidemann, a security researcher with Google TAG.
Re:They're trying to keep their families alive (Score:4, Insightful)
I'm still surprised that the "North Korean Super-Hacker" foolishness is still a thing. They have a single outlet to the WWW, a fiber line that goes through the Great Firewall of China (until a few years ago it was a paired T-3 to Taiwan that frequently was congested by Kim's porn habit.) IIRC there's one small data center in the entire country with obsolete cast-off Chinese servers in the racks. They don't have the capability to hire any decent instructors for their tiny educated class to teach them hacking. And yet we're supposed to tremble in our boots that the North Korean Super-Hackers are coming to get us.
Seems far more likely some criminals in China or Hong Kong are spoofing NK addresses.
Re: (Score:2)
Leverage, my friend. $62 billion for the F-22 (Score:3)
You correctly point out that North Korea is a small country.
A small country that very much wants to be one of the big boys.
They want to be able to threaten the west, particularly the United States.
The United States has capabilities like the F-22, which cost $62 billion for the whole project, or US$339 million per plane. No way in hell North Korea can ever compete with traditional military.
How much does it cost to train up 20 really good hackers?
Figure they are paying 50 people, the program has 50 employees.
Re: (Score:2)
You correctly point out that North Korea is a small country.
A small country that very much wants to be one of the big boys.
They want to be able to threaten the west, particularly the United States.
Only Americans think that NK wanted to be one of the big boys.
The rest of the world understands that Kim just wanted to avoid the fate of Saddam in Iraq, being perceived as a credible threat is the (only?) means to achieve that.
Americans may have short memory, but I bet Kim remembered when NK was named as part of the Axis of Evil by Bush along with Iraq. Kim is no fool to think NK could defend against US invasion without nukes, or the US would not invade if NK disarmed (again, see the nice example of Iraq)
Re: (Score:2)
Thinking about that scene from Swordfish:
He's not actually hacking (or cracking), he's writing software.
In that light, that scene is a pretty accurate metaphor for layman to understand the software development process:
Make cubes.
Glue cubes together.
Cubes sometimes fall apart for no reason.
Drink constantly.
Kind of interesting (Score:3)
Re: (Score:2, Insightful)
A whitehat that runs Windows 10, Chrome and Visual Studio outside of a sandbox doesn't deserve to be called a hacker.
Re: (Score:2)
Nor is that too bright in any use case. (Score:3)
Except in a disposable VM.
Win10 really doesn't belong on bare metal except for gaming or feeble hardware.
Is there anyone left in North Korea? (Score:2)
Wait, I thought everyone in North Korea died from covid. Maybe this is their AI, modeled after their leader Kim, that is coming to life and teaching itself how to hack.
It's fascinating (Score:1)