Home World Twitter suspends two accounts of North Korean hackers

Twitter suspends two accounts of North Korean hackers

by news dir

[아시아경제 조유진 기자] Twitter has suspended two accounts of hackers supported by the North Korean government, major foreign media reported on the 18th (local time).

The suspended accounts are ‘@lagal1990’ and ‘@shiftrows13’. These hackers belonging to the North Korean government set up fake security-related blogs targeting cybersecurity researchers around the world and distribute links to plant malware. activities were carried out

The hackers may have gained access to the researchers’ computers and stole undisclosed vulnerability hacking software or spyed on the researchers’ employers, which are traditional hacking targets such as security companies or government agencies.

The two accounts, which were suspended, attempted to gain a reputation in the information security industry by posting cybersecurity-related content, including codes related to recently discovered security vulnerabilities.

Adam Weidemann, a security risk analyst at Google’s Threat Analysis Group (TAG), confirmed that Twitter had suspended these accounts and “confirmed that these two accounts were directly related to activity discovered by our group earlier this year.” “They have been active by changing account names,” he pointed out.

These activities, which started last year, were first discovered by Google’s TAG in January of this year. These North Korean hackers did not stop cyberattacks after being caught by Google.

At that time, Google created fake security researcher identities as North Korean hackers were active on various social networks such as Twitter, LinkedIn, Telegram, Discord, and Keybase for months.

Hackers built a reputation in the industry by posting information security-related content and then used the fake identities to gain access to other security researchers.

When other security researchers reacted, the hackers infect their computers with malicious software, enticing them to work with them on the project to sites with malicious JavaScript code.

Google said in March that it had discovered a new Twitter account linked to the espionage, as well as a fake cybersecurity company named ‘Securielite’.

By Jo Yu-jin, staff reporter [email protected]


Related Articles

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.