Fake NK Twitter Accounts Target Security Researchers

[x BlueRobot]

Over the past several months, the Threat Analysis Group has identified an ongoing campaign targeting security researchers working on vulnerability research and development at different companies and organizations. The actors behind this campaign, which we attribute to a government-backed entity based in North Korea, have employed a number of means to target researchers which we will outline below. We hope this post will remind those in the security research community that they are targets to government-backed attackers and should remain vigilant when engaging with individuals they have not previously interacted with.

Source: New campaign targeting security researchers

---

I've been targeted a few times by the "Zhang Gou" account. Thankfully I've never responded, since their message of "Hi" seemed to be too random and they would never send anything else. I believe they literally targeted anyone who had certain keywords in their Twitter bio.