Microsoft patches critical 0-day that North Korea used to target researchers

Shadowy figures stand beneath a Microsoft logo on a faux wood wall.

Microsoft has patched a critical zero-day vulnerability that North Korean hackers were using to target security researchers with malware.

The in-the-wild attacks came to light in January in posts from Google and Microsoft. Hackers backed by the North Korean government, both posts said, spent weeks developing working relationships with security researchers. To win the researchers’ trust, the hackers created a research blog and Twitter personas who contacted researchers to ask if they wanted to collaborate on a project.

(credit: Google)

Eventually, the fake Twitter profiles asked the researchers to use Internet Explorer to open a webpage. Those who took the bait would find that their fully patched Windows 10 machine installed a malicious service and an in-memory backdoor that contacted a hacker-controlled server.

Read 6 remaining paragraphs | Comments

Microsoft patches critical 0-day that North Korea used to target researchers

All Rights Of This Article Reserved To Ars Technica

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: