An Elite Spy Group Used 5 Zero-Days to Hack North Koreans

Cybersecurity researchers at Google’s Threat Analysis Group today revealed that an unnamed group of hackers used no fewer than five zero-day vulnerabilities, secret hackable flaws in software, to target North Koreans and North Korea-focused professionals in 2019. The hacking operations exploited flaws in Internet Explorer, Chrome, and Windows with phishing emails that carried malicious attachments or links to malicious sites, as well as so-called watering hole attacks that planted malware on victims’ machines when they visited certain websites that had been hacked to infect visitors via their browsers.

Read full article on Wired – Threat Level