In January, Google and Microsoft outed what they said was North Korean government-sponsored hackers targeting security researchers. The hackers spent weeks using fake Twitter profiles—purportedly belonging to vulnerability researchers—before unleashing an Internet Explorer zero-day and a malicious Visual Studio Project, both of which installed custom malware.
Now the same hackers are back, a Google researcher said on Wednesday, this time with a new batch of social media profiles and a fake company that claims to offer offensive security services, including penetration testing, software security assessments, and software exploits.
Once more with feeling
The homepage for the fake company is sleek and looks no different from countless real security companies all over the world: