We got you covered.

Fake Cybersecurity Company Run by North Korean Hackers Targeting Security Experts

Must Read

The internet just became a tad more uncertain than it was a few months ago. Or that’s what some cyber experts would have us believe. Namely, Google’s Threat Analysis Group recently reported on a fake cybersecurity company run by North Korean hackers targeting security experts.

Initially, the group began implementing their attacks in January. However, on March 17, all hell broke loose as Google’s TAG identified the setting up of a new website and social media profiles for the fake company SecuriElite. If you’re thinking that they could have been more inventive in coming up with the name, we couldn’t agree more.

Claiming to be a “cutting edge offensive security [firm],” they promise to “protect your digital data reliably.” Now, who are you going to believe, Google or some obscure, secretive North Korean-backed company? Hmmm, let us get back to you on this one.

Now, seriously, when you visit their website, Google displays a warning, saying: Visiting this website may harm your computer! They also suggest checking out additional information on Google’s Safe Browsing diagnostic page.

Additionally, the company ― Google, not SecuriElite ― recommends visiting StopBadware.org to learn more about protecting yourself from harmful software online.

Source: The Hacker News

We at EP Wired weren’t as brave as some of our readers may be to visit the website despite the warning in capital letters. Actually, all the malicious site’s visitors are in for a ride if they choose to disregard the word of advice by Google’s experts.

At the bottom of SecuriElite’s page, there is a link to their PGP public key. In January of this year, targeted researchers stated that the PGP key located on the attacker’s blog constituted a lure to visit the site “where a browser exploit was waiting to be triggered.”

Determined North Korean Hackers Targeting Security Experts

Who in the world would say that security researchers specializing in vulnerability research and development are prone to hacker attacks? Well, they aren’t really until some of their alleged industry peers contact them to start working together.

You read that right: the wicked SecuriElite spent vast amounts of time building their legitimacy by presenting themselves as security researchers. They established a research blog and used sock puppet Twitter profiles to amplify their reach and communicate with their targets.

Great article on the importance of listening to your intuition, even for those of us in the security business.

James Hamilton, Senior Vice President – Director of Protection Quality, GDBA

If we dare say it, they did a great job by including numerous write-ups and analyses of publicly disclosed vulnerabilities. SecuriElite indeed seemed legit, especially since they boasted with content from unwitting security researchers.

Unfortunately, some researchers were even compromised while visiting their blog. They followed Twitter links, giving the obscure SecuriElite team access to their systems and installing a malicious service.

While causing all this damage, the reasons behind the campaign and attacks remain unclear. But one thing’s for sure: hackers and state-sponsored entities are quickly changing gears and adjusting their methods.

Whether it’s a fake cybersecurity company run by North Korean hackers targeting security experts or some other sophisticated actor, you better be on the lookout. And yes, this applies primarily to those of you associated with the security industry!

To read more EP Wired news that shook the security world, check out these titles:

Sign Up for Our Newsletter

Get the latest news and articles from EP Wired.

Latest News

Executive Protection Organizations Worldwide — IPSB

For the fourth issue in our Executive Protection Organizations Worldwide series, we talked with Chuck Tobin, a Member Board...

More Articles Like This

Download Advance Work: Route Survey

    Download Advance Work: Restaurant

      Download Helicopter Extration: Landing Zone

        EP Career

        Your registry of the best opportunities in executive protection.

        EP Directory
        The right place to explore EP companies.