JezCaudle, 9 months ago

@jerry Can I put it on CV (Latin for resumé) that I have been targeted by the NK Lazarus group?

I think I should be allowed to put it on LinkedIn with my 50 meters swimming certificate.

Make T-shirts @jerry and sell them to pay for the servers. “I’m an NK target! Infosec.exchange etc

davep, 9 months ago

@jerry Didn't they contact you before publishing?

jerry, 9 months ago

@davep no

davep, 9 months ago

@jerry That's a bit shabby, in my opinion.

davep, 9 months ago

@jerry I had a look earlier. How very odd.

tahomasoft, 9 months ago

@jerry thanks for taking action Jerry! I agree, that is disappointing about Google not giving you a heads up first.

jerry, 9 months ago

@tahomasoft I am sure they had a reason. I will give the benefit of the doubt.

Lee_Holmes, 9 months ago

@jerry Sadly, this seems to be often the case. In Azure, we had folks super upset about abuse of the platform (bad storage accounts, etc.) but had never used any of the abuse reporting mechanisms.

This is like when the whole security industry blogs and complains about some malicious threat actor steamrolling the world. But then @briankrebs just goes and reports it to their registrar / hoster and gets them nuked.

jerry, 9 months ago

@Lee_Holmes @briankrebs Google may have a perfectly rational reason for not contacting me, and so I am not going to assume, but just saying that it’s disappointing.

erickolb, 9 months ago

@jerry @Lee_Holmes @briankrebs If nothing else, this is an opportunity to build a new bridge. Perhaps they're so accustomed to Twitter/X being faceless and non-responsive that they simply did not consider it might be otherwise here.

jerry, 9 months ago

Also, if you downloaded the tools referenced in https://blog.google/threat-analysis-group/active-north-korean-campaign-targeting-security-researchers/ it’s time to do all the things.

erickolb, 9 months ago

@jerry Well, Maddie - one of the co-authors - appears to also have a profile on this server too, if you wanted to tag her and have a chat about it.

jerry, 9 months ago

@erickolb thank you. I will do that.

jerry, 9 months ago

The account had 16 followers on the fediverse. Nearly all of those were here on ISE. I intend to look closely into each one.

mathaetaes, 9 months ago

@jerry When you're big enough that N. Korea starts using your server for nation state operations, I think that means you made it.

Congratulations!

jerry, 9 months ago

@mathaetaes that is a somewhat alarming revelation 😅

geekgrrl, 9 months ago

@jerry

Dwight Shrute, from The Office (US). A man in glasses looks up at the ceiling, as if wondering who is watching him and from where…

catsalad, 9 months ago

@jerry They finally tracked us down...
https://infosec.exchange/@catsalad/109474470274430842

dnsprincess, 9 months ago

@jerry how hard is it to find the report button?

jerry, 9 months ago

@dnsprincess based on the >2400 reports we’ve processed to date, I’m going with “not very”

JessTheUnstill, 9 months ago

@dnsprincess @jerry