"North Korean Hackers Are Now Using a Fake Security Company to Target Researchers"
According to researchers at Google LLC's Threat Analysis Group (TAG), the same North Korea-backed hackers discovered to have been targeting security researchers earlier this year are now using a fake security company called SecuriElite to continue their campaign. In January, Google researchers warned of the North Korean Advanced Persistent Threat (APT) group specifically targeting security researchers at several organizations using a research blog and multiple Twitter accounts. The blog included write-ups exploring publicly disclosed vulnerabilities and posts from legitimate security researchers who had been deceived into thinking they were posting on a legitimate site. The new website SecuriElite appears to be owned by a cybersecurity company based in Turkey. It includes a link to a PGP public key on the page that lets security researchers confidentially send messages to the fake company. This article continues to discuss the recent targeting of security researchers by a North Korea-backed hacking group through a fake offensive security company, as well as the growing sophistication of attackers' approach to email attacks.