North Korea infected infosec bods with backdoors via dodgy blog pages, Visual Studio files – Google

North Korea's hackers homed in on specific infosec researchers and infected their systems with a backdoor after luring them to a suspicious website, Google revealed on Monday. The internet giant's Threat Analysis Group said Pyongyang's snoops would send private messages to their targets – primarily folks investigating software …

  1. Anonymous Coward

    "using separate physical or virtual machines"

    I thought that was already common practice....

    1. Gene Cash Silver badge

      Re: "using separate physical or virtual machines"

      Especially on an already dodgy looking URL like the one in the article!

  2. ecofeco Silver badge

    So much for the experts

    Really? Professional, top of their field "ITSEC" folks got taken in?

    Are you effing kidding me? No wonder we're all boned.

    1. trist

      Re: So much for the experts

      ITSec folks follow a normal distribution too.

    2. Chris G

      Re: So much for the experts

      I really wonder where NK gets their expert Nation State level hackers from?

      Considering how apparently limited citizens' access to the internet and PCs in general is, it's a wonder that they have any significant numbers of proficient IT people at all, let alone those who have the mindset and skills to target western infosec types.

      Answers on a post card etc........

      1. Anonymous Coward

        Re: So much for the experts

        Obviously the bogeyman recruits them.

      2. Blazde Silver badge

        Re: So much for the experts

        "apparently limited citizens' access to the internet and PCs in general is"

        Simple. No distractions. None of silly western youtube cookery temptation. No get lost on Wiki all night. No argue stupid people never met on Twitter. No Netflix. No chill either, until higher up in party. Just juche, work, study, more work, and we sing love for Supreme Leader while we hack evil imperialists. Glorious.

        1. Chris G

          Re: So much for the experts

          But if the common reports are accurate, only the elite few have any access at all, so how would a budding script kiddie even be able to show aptitude if kids in general have no access?

          It's nothing like the west where every student needs a laptop in order to produce their homework.

          With a relatively small population of about 26 million, the ratio of talented hackers who have not grown up in a connected society but have the required talents is exceptional.

          1. Throatwarbler Mangrove Silver badge

            Re: So much for the experts

            Written about Cambodia, but still relevant:

            But you'll work harder with a gun in your back

            For a bowl of rice a day

            Slave for soldiers til you starve

            And your head is skewered on a stake

            It's time to go where people are one

            It's time to go where they get things done

            h/t Dead Kennedys

            I imagine that NK has significant resources dedicated to screening their populace for aptitude and also that the positive and negative motivators are rather different and stronger than we see in the West.

            1. Falmari Silver badge

              Re: So much for the experts

              Cambodia nice place for a holiday ;)

              1. chuBb.

                Re: So much for the experts

                Learn assembly and work up, no mystery, unless you go in for a games course or something more electronic based it's very unlikely u will do much in a formal educational establishment these days with assembly.

                Once you know a CPU's instruction set, it's 90% common between the lot, just check your endianness...

                Thing is the vast majority of devs and dev work is higher level language and api based, yet the literal bits of a computer remain a mystery.

                My point is though that you need very limited compute access and a few dead tree books to get a fundamental understanding of computers, if that's your starting point before progressing to C and higher level languages then you're going to have a massive headstart in understanding over a dev who can say DMA but doesn't understand or even know it stands for direct memory access. I suspect NK hackers have impressively cobbled together systems similar to the dumpster diving hackers of the early 90s along with a better understanding of how the low level fits together compared to ur average dev who doesn't call themselves an engineer... That and I wouldn't be surprised if they have bought various sources (Windows, Cisco etc.) from Russia and China or in the case of Iran possibly even share info as those 3 do plenty of business with the hermit state especially Russia, would imagine it would help them to have a b apt team to try things with and burn if detected, tsk tsk naughty norks to world, cheers Kim here's some military kit and a good word for you at the UN in private.

            2. Silver badge

              Re: So much for the experts

              The DPRK does not have a job market and there is no prospect of a "career" for the majority of its citizens, just how much work you are able to do for the Great Leader.

              Jobs are assigned to you. If you are told to work, you work.

              Marriages are arranged with what the party believes is a good match for you. If you are told to marry, you marry.

              Previously, only the top 1% of the 1% was allowed to do otherwise, though it has expanded to maybe 2% over the past few years. Even then, the objective is always to win the Great Leader's graces if you want to have any hope of working up whatever ladder might be thrown your way.

          2. Blazde Silver badge

            Re: So much for the experts

            You don't need general internet access to learn to hack. Anyone who grew up hacking before the mid-nineties can attest. They do have computers, and local networks, and their own state internet (but I doubt hacking one of the handful of propaganda sites is an advisable way of showing aptitude). You really don't need anything flashy to get the mindset right, to understand basic techniques, and bingo you're a 'talented hacker' ready to rapidly learn and develop specific current methodologies relating to foreign software environments. (Compare/contrast Equation Group hacking Iranian ICSs).

            The motives and distractions are probably much more important. Presumably an officially atheistic state with only 109 years of history doesn't have 3 times as many highschool kids taking History and Religious Studies than do Computer Science, as mystifyingly happens in the UK.

          3. doublelayer Silver badge

            Re: So much for the experts

            There are computers at the universities, and there is a lot of competition to get the few places in the elite. If a student wishes to do well and not end up as a construction worker in the military, they have to be exceptional at something the state cares about. Those things include a variety of natural sciences for manufacturing innovation or weapons development, computer science (now, it took a while), and things that you can compete about or exhibit for external propaganda. People don't generally get to apply for roles in the government that require social sciences (E.G. diplomacy or administration) unless their family is already there, so few need to study things relevant to that.

            I'm guessing you have a certain amount of computer skills because you posted here. If, during your youth, you were faced with the choices: become really good at that by spending no time on anything else, become very good at nuclear physics, become a really good musician, work in manual labor at 600-700 grams of rice (if you live in the nice places, otherwise it's the same amount of a grain with less caloric content), or die, which would you have done?

            1. NetBlackOps

              Re: So much for the experts

              You can lay money that they are testing all students, no matter what their background, extensively and especially for talent in maths. I certainly would if I were running a Hermit Kingdom.

          4. Triggerfish

            Re: So much for the experts

            I would guess aptitude tests and fast tracking.

        2. Ken Moorhouse Silver badge

          Re: Supreme Leader

          Watch out for that "Touch Me In The Morning" ploy.

  3. Kevin McMurtrie Silver badge

    – Google

    Was Google upset that the backdoors weren't hosted on GCP? Google has slipped to the #4 slot on Spamhaus but they've upped their malware hosting advertising with a new abuse ignore-bot that says, "If you would like to report suspected Spam, Malware, Phishing, or other abuse on Google Cloud, please fill out the form at the following link: ..."

  4. yetanotheraoc Silver badge

    There you go

    "At the time of these visits, the victim systems were running fully patched and up-to-date Windows 10 and Chrome browser versions. At this time we’re unable to confirm the mechanism of compromise, but we welcome any information others might have."

    I'm curious what additional information Google needs about the "mechanism of compromise".

