Social Engineering Campaign Targets Security Researchers

Sean Oesch
Jan 26, 2021

Humans are the weakest link in security. Security researchers know this — yet they also are human. And a new attack, attributed to government actors in North Korea, seeks to exploit this fact.

In Adam Weidemann’s article (https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers), he lays out common tactics used in these campaigns. First, they establish a social media presence that looks credible to unsuspecting targets, even having legitimate security researchers write guest posts on their blog. Then they offer what every researcher is hungry for: an opportunity to collaborate on meaningful work. However, once the collaboration begins, they share files that install malware on the unsuspecting researcher’s computer, which then begins talking with attacker-controlled C2 domains.

These attacks remind me of a time when one of my security professors in university shared that they had fallen victim to a phishing attack. They shared this incident to make a point — being a security professional does not make us immune to social engineering. We must be vigilant and practice the grown-up version of “don’t talk with strangers” — be careful when interacting with people you don’t know.

Sean Oesch
Reflections on cybersecurity research & news, academia, and software engineering. Cybersecurity Researcher at Oak Ridge National Laboratory.