Black Desert Mobile gets the Land of the Morning Light expansion today, in an update that also adds Woosa Awakening (Choryeong). Expect events with the new content, new powerful gear, and more.
07.09.2023 - 17:33 / pcmag.com
Google says state-sponsored North Korean hackers are once again trying to target security researchers, this time with a new zero-day exploit that can spy on a victim’s computer.
The suspected North Korean hackers have been doing so by using Twitter and Mastodon social media accounts to build a “rapport with their targets,” Google warned in a blog post on Thursday.
“In one case, they carried on a months-long conversation, attempting to collaborate with a security researcher on topics of mutual interest,” the company said. “After initial contact via X, they moved to an encrypted messaging app such as Signal, WhatsApp or Wire.”
The North Korean hackers then sent a file to the security researcher that was actually a malicious software package that exploited at least one unpatched vulnerability, also known as a zero-day exploit. The attack worked by first checking to see if the security researcher’s computer had installed any antivirus software. It then proceeded to collect information, including grabbing a screenshot, which was then sent to a hacker-controlled internet domain.
Google didn’t supply details to the vulnerability, such as the software it attacked. But the company has already reported the flaw to the vendor, which is already in the process of patching the flaw. “Once patched, we will release additional technical details and analysis of the exploits,” Google added.
The attack represents the latest campaign from the North Korean hackers, which have been targeting the IT security community with the same tactics since at least 2021 by pretending to be security researchers themselves. In this new campaign, Google says the North Korean actors also published a free debugging tool called “GetSymbol Project” on Github to trick security researchers into downloading it. In reality, the tool has “the ability to download and execute arbitrary code from an attacker-controlled domain,” meaning it can secretly infect a PC with malware.
“If you have downloaded or run this tool, TAG (Google's Threat Analysis Group) recommends taking precautions to ensure your system is in a known clean state, likely requiring a reinstall of the operating system,” the company went on to warn.
To protect users, the company says the Chrome browser will start flagging the sites used in the North Korean hacking campaign as dangerous. Both Twitter and Mastodon have also taken down the user accounts the hackers controlled to phish the security researchers.
"We hope this post will remind security researchers that they could be targets of government backed attackers and to stay vigilant of security practices,” Google added.
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your
Black Desert Mobile gets the Land of the Morning Light expansion today, in an update that also adds Woosa Awakening (Choryeong). Expect events with the new content, new powerful gear, and more.
Thailand made a piece of Asian Games history when they won the first medal ever in eSports as China's gold rush momentarily came off the tracks in cycling on Tuesday.
Hackers took over Donald Trump Jr.’s Twitter account Wednesday morning to post several sensational tweets, including a claim that his father, former US President Donald Trump, had died.
Google's Bard AI chatbot has a new trick. Bard Extensions can now rifle through your digital files (Gmail, Docs, Drive) to find specific pieces of information, and then build on it with more information from the web.
Remember Squid Game? This pandemic-era streaming obsession gave us a gory, twisted take on the game show concept and generated more than a billion viewing hours on Netflix. It was enough that a Korean ISP sued Netflix in a bid to get the streaming service to pay for what it claimed was excessive data usage in the country caused by the popular Korean drama.
The version 4.1 update for Genshin Impact, dubbed “To the Stars Shining in the Depths,” will launch on September 27, developer miHoYo announced.
The developer of two free indie games that went viral says that new revenue rules planned by game engine provider Unity would have cost him more than $5 million in install fees.
Korean media reports that TSMC has teamed up with Broadcom & NVIDIA to develop cutting-edge silicon photonics, in order to provide massive transmission speeds for AI computing.
Viewers of are wondering how many episodes are in the series and when each new episode comes out. The romance drama revolves around Han Jun Hee, who is still mourning the death of her boyfriend when she transcends time and space to her high school, where she is met with a striking resemblance to her boyfriend.
North Korean hackers targeted Russian diplomats and successfully breached a Russian aerospace research institute earlier this year, Microsoft Corp said in a blog post published Thursday.
Tokyo Game Show is set to kick off later this month on September 21, and over the course of several days, the event will see several major companies talking about some of their biggest upcoming releases. Microsoft was confirmed to be in that list some time back, and now, the company has offered more details on what its plans for the event will entail.
Microsoft will host the Xbox Digital Broadcast at Tokyo Game Show 2023 on September 21 at 2:00 a.m. PT / 5:00 a.m. ET / 18:00 JST, the company announced.