Google Tries to Tie Norkies to Phishing Attacks

Google’s Threat Research team grabbed headline yesterday claiming that mysterious agents from North Korea were sending spearphishing attacks to security researchers. The folks would ask cyber researchers if they could help collaborate on a project and would try to send a backdoored file to the researchers to compromise their systems.

But here’s the problem. Security Researchers know better than to accept unsolicited files, or if they do, they know how to sandbox them to make sure their systems don’t get compromised. Google didn’t point to anyone who fell victim, but sure tried to grab headlines with their hysterical claims that evil hackers from North Korea were to blame.

Sorry, this is complete bullshit. First, a phishing campaign is suddenly a nationstate attack? lol!
Second, any security researcher who gets phished is no longer, by definition, a security researcher, but just another dumb user. https://t.co/KxmWVxueb8

— CISO – Black Spire Outpost (@BelchSpeak) January 26, 2021

Nice try, Google.