Tech

Google claims to have thwarted cyberattacks by North Korean hackers in 2022

Deepak GuptaMarch 25, 2022
0

Two separate groups of North Korean hackers were exploiting the same remote code execution vulnerability in the Chrome web browser, but Google managed to thwart cyberattacks earlier this year.

hacker
Credit: Unsplash

Hackers backed by the North Korean government exploited a critical zero-day flaw of Chrome in an attempt to infect the computers of hundreds of people working in a wide range of industries, including news media, IT, cryptocurrencies and financial services, Google announced on its blog.

Google’s Threat Analysis Group (TAG) has assigned two exploits of the recent fix CVE-2022-0609 to two separate groups of attackers supported by the North Korean government. ” We suspect that these groups work for the same entity with a shared supply chain, hence the use of the same exploit kit, but each operates with a different set of missions and deploys different techniques. writes Google’s cybersecurity team.

Also read: North Korean hackers spy on Windows and Android devices with Chinotto malware

North Korean hackers were stopped by Google

According to TAG Group, between January and February 2022, North Korean hackers took over a zero-day flaw in Google Chrome that allowed them to execute code on target devices. Before the flaw is patched, the North Koreans allegedly used it to compromise the computers of various companies.

According to information from Google, one of the groups, named “Operation Dream Job”, targeted more than 250 people from different media with phishing emails claiming to be from Disney, Google and Oracle recruiters. The emails contained links to job search sites like Indeed and ZipRecruiter. Phishing campaigns are becoming more and more common, and we have seen that Microsoft Teams has become a favorite target for hackers.

Another group called “Operation AppleJues” would have targeted 85 users from the cryptocurrency and fintech sectors. Hackers reportedly managed to deploy malware that was hidden in HTML tags on fake websites. There again, theattackers’ goal was to redirect users to a compromised site where an exploit script was run against the Chrome flaw to install remote access malware. Google specifies that Chrome would not have been the only browser targeted by hackers, and that macOS and Firefox were also affected.

Source: google

We have other articles that may interest you:
  1. These Marvel movies were pulled from Disney +, why?
  2. Apple investigates an iPhone factory in India after massive food poisoning that led to a strike
  3. Thanks to the iPhone 13, Apple becomes number 1 in China ahead of Vivo and Oppo
  4. Beware of Xenomorph, a malware that steals information from 56 banks
  5. Five reasons to make the leap to Wi-Fi 6
  6. Apple Watch SE 2022: discover the technical sheet and the price of the next connected watch
Deepak GuptaMarch 25, 2022
0

Related Articles

After 30 years, ‘Super Mario Bros.’ he will have the movie he deserves

October 8, 2022

WhatsApp: it will soon be possible to find its history on several smartphones

July 10, 2022

How to activate Windows with a genuine license

February 5, 2022

Five things Intel has shown with Alder Lake-S

November 7, 2021

Leave a Reply

Your email address will not be published. Required fields are marked *