North Korea targets security researchers in elaborate 0-day campaign

Be careful who befriends you … These attackers are seeking out security researchers to engage with them on projects in a well-crafted social engineering-campaign. The objective is to gain the trust of the target, then infect their device with custom backdoor malware and access the corporate network. It’s been ongoing for a few months now, with full social media profiles and security blogs to fuel the deception. As we are taught from day 1 in security: trust but verify and trust no one.