Microsoft: DPRK hackers 'likely' hit researchers with Chrome exploit


Level 83
Thread author
Top poster
Content Creator
Malware Hunter
Aug 17, 2014
Today, Microsoft disclosed that they have also been monitoring the targeted attacks against vulnerability researchers for months and have attributed the attacks to a DPRK group named 'Zinc.'

Earlier this week, Google disclosed that a North Korean government-backed hacking group has been using social networks to target security researchers.
As part of the attacks, the threat actors would ask researchers to collaborate on vulnerability research and then attempt to infect their computers with a custom backdoor malware.

In a new report, Microsoft states that they too have been tracking this threat actor, who they track as 'ZINC,' for the past couple of months as the hackers target pen testers, security researchers, and employees at tech and security companies. Other researchers track this hacking group under the well-known name 'Lazarus.'

"In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. The campaign originally came to our attention after Microsoft Defender for Endpoint detected an attack in progress. Observed targeting includes pen testers, private offensive security researchers, and employees at security and tech companies."
"Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to ZINC, a DPRK-affiliated and state-sponsored group, based on observed tradecraft, infrastructure, malware patterns, and account affiliations," the Microsoft Threat Intelligence Center team disclosed in a new report.


Level 16
Top poster
May 4, 2019