Uptycs cybersecurity experts: The Linux malware, aka Bashlite, mainly targets vulnerable IoT devices and reuses some modules from the old botnet.
Google TAG: North Korea’s hackers are still targeting cybersecurity community. the threat actors set up a new website with associated social media profiles for a fake company called “SecuriElite”
North Korea’s hackers are still targeting cybersecurity community. It has been denounced by the Google Threat Analysis Group (TAG). Researchers, in fact, detected that the threat actors on March 17 set up a new website with associated social media profiles for a fake company called “SecuriElite.” It claims the company is an offensive security firm located in Turkey, which offers pentests, software security assessments and exploits. Like previous websites set up by this actor, this website has a link to their PGP public key at the bottom of the page. In January, targeted researchers reported that the PGP key hosted on the attacker’s blog acted as the lure to visit the site where a browser exploit was waiting to be triggered.
Researchers identified two accounts impersonating recruiters for antivirus and security companies on LinkedIn
According to the cybersecurity experts, the North Korea’s attacker’s latest batch of social media profiles continue the trend of posing as fellow security researchers interested in exploitation and offensive security. On LinkedIn, two accounts impersonating recruiters for antivirus and security companies have been identified. Moreover, researchers successfully identified these actors using an Internet Explorer 0-day. Based on their activity, Google TAG continues to believe that these actors are dangerous, and likely have more 0-days submission process.