The Cybersecurity and Infrastructure Security Agency (CISA) has advised cybersecurity researchers to be aware of a recent phishing campaign that targets professionals within the field. The attacks were first disclosed in January and were found to be targeting researchers working on vulnerability research and development within various organizations. The individuals were contacted via several different platforms, including through Twitter, LinkedIn, Telegram, Discord, Keybase, and email.
According to the CISA, the attackers created fake social media profiles catered to the industry to interact with researchers. The attackers would share videos of fraudulent exploits, retweet other attacker-controlled accounts, and link to their blog. The ultimate goal was to trick victims into thinking they were members of the same cybersecurity field to connect, eventually getting them to run malicious code through downloading a file or clicking a link. The CISA recommended that researchers review reports and updates from Google, Microsoft, and CISA on the campaign, which is still active.
Read More: CISA Urges Caution for Security Researchers Targeted in Attack Campaign