Google recently discovered coordinated attacks by North Korean government-backed hackers against U.S.-based organizations in the news media, IT, fintech and cryptocurrency industries, the company’s cybersecurity unit said.
Two separate North Korean groups exploited a vulnerability in the web browser Chrome in an effort to remotely install malware, Google’s Threat Analysis Group said in a blog post Thursday.
The earliest evidence of the exploit was on Jan. 4 and a patch was issued on Feb. 14, Google said.
One campaign by the hackers targeted over 250 individuals in 10 different companies by posing as recruiters with fake job offers from Disney, Google and Oracle.
Google said it suspected the two groups worked for the same entity but had different missions and used different techniques. The company said it notified all the targets of the attacks.
The report came days after U.S. national security adviser Jake Sullivan said North Korean hackers are working with Russian cybercriminals.
“North Korea’s cyber capabilities have been manifest in the world and they work with all kinds of cybercriminals around the world, including Russian cybercriminals,” Sullivan said Tuesday at a press conference.
He was responding to a question about a report from Harvard University’s Belfer Center for Science and International Affairs last week that drew a connection between the two countries’ cybercrime operations.
U.S. President Joe Biden on Monday warned American companies to be on heightened alert for cyberattacks by Russia in response to the heavy sanctions that have been imposed since its invasion of Ukraine.
