North Korean hackers have embarked on a sweeping intelligence gathering campaign aimed at cybersecurity researchers who hunt for loops in corporate networks, according to Google.
Google said that the North Korean government mounted a social engineering operation for several months in hopes of engaging with the researchers.
According to a Monday blog post by Google’s Threat Analysis Group, essential to the attack were several research blogs, YouTube videos, LinkedIn profiles and chat groups used by the hackers to build credibility in the hopes of duping the researchers.
The request to collaborate came with a data file purportedly for research that was equipped with secret malware. If the researcher opened the file, the hidden malicious code would immediately begin communicating with the North Korean hackers, according to Google.
In other cases, the malware was installed in the researchers’ systems after they followed a Twitter link to a cybersecurity blog to review possible vulnerabilities, according to Alphabet Inc.’s Google.
