Cyber Security

Threat Campaign Against Researchers Ongoing, CISA Warns

In January, a social engineering campaign was launched against vulnerability researchers. They were sent unsolicited messages on various platforms, including LinkedIn, Twitter, Discord, Telegram, and Keybase. We thought that that was the end of it. It was not.

The scoop

The CISA has cautioned researchers to keep their guards up as the same wave of attacks continues. The agency has recommended that cybersecurity practitioners examine reports on the attacks, published by Microsoft, Google, and CISA. The notification urges researchers to use sandbox systems isolated from trusted networks when analyzing untrusted websites or codes.

Why does it matter?

While the attack may not be anything unique, it stands out because of the protracted investment of the threat actors in developing credibility with their targets. This attempt by the attackers to blend in with the security community came as a shock to the latter. Moreover, what’s jarring is that the ultimate purpose of the attackers still remains unknown.

Security researchers targeted

  • A spear-phishing campaign dubbed BadBlood, conducted by Charming Kitten APT, was targeted at 25 senior researchers in the fields of oncology, genetic research, and neurology. The aim of the campaign was to steal their credentials.
  • Last month, North Korean hackers set up a fake security company, SecuriElite, to lure researchers into visiting the booby-trapped website.

The bottom line

Security researchers often build online connections with people they don’t know; this practice might lead them to dangerous dungeons dug by threat actors. The incidents mentioned above should serve as a reminder to exert caution when jumping into unknown territories or dealing with strangers on the internet.

Source: https://cyware.com/news/threat-campaign-against-researchers-ongoing-cisa-warns-9b8b2b9d

Click to comment

You May Also Like

Cyber Security

A new APT hacking group dubbed Lancefly uses a custom ‘Merdoor’ backdoor malware to target government, aviation, and telecommunication organizations in South and Southeast...

Cyber Security

Researchers following the activities of advanced persistent (APT) threat groups originating from China, North Korea, Iran, and Turkey say that journalists and media organizations have...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO

Exit mobile version