Microsoft, like Google TAG, observed a cyber espionage campaign aimed at vulnerability researchers that attributed to North Korea-linked Zinc APT group. Researchers targeted the researchers through multiple social networking platforms, including Twitter, LinkedIn, Discord, and Keybase. Zinc hackers created Twitter profiles for fake security researchers that were used to retweet security content and posting about vulnerability research. The hackers employed a custom backdoor to compromise the systems of the vulnerability researchers. Microsoft researchers noticed that some of the victims were using fully patched browsers, suggesting that attackers used 0-day exploits.”]
Source: https://securityaffairs.co/wordpress/113990/apt/zinc-apt-targets-security-experts.html