Active North Korean campaign targeting security researchers

2023-09-07, Google
https://blog.google/threat-analysis-group/active-north-korean-campaign-targeting-security-researchers/
#CVE-2023-26369

Contents

In January 2021, Threat Analysis Group (TAG) publicly disclosed a campaign from government-backed actors in North Korea who used 0-day exploits to target security researchers working on vulnerability research and development. Over the past two and a half years, TAG has continued to track and disrupt campaigns from these actors, finding 0-days and protecting online users. Recently, TAG became aware of a new campaign likely from the same actors based on similarities with the previous campaign. TAG is aware of at least one actively exploited 0-day being used to target security researchers in the past several weeks. The vulnerability has been reported to the affected vendor and is in the process of being patched.
While our analysis of this campaign continues, we are providing an early notification of our initial findings to warn the security research community. We hope this post will remind security …

IoC
