North Korean Spies Used Google Find Hub as Remote-Wipe Tool

North Korean spies used Google Find Hub as remote-wipe tool

: KONNI espionage crew covertly abused Google’s Find My Device feature to remotely factory-reset Android phones

North Korean spies turn Google's Find Hub into remote-wipe weapon

KONNI espionage crew covertly abused Google's Find My Device feature to remotely factory-reset Android phones North Korean state-backed spies have found a new way to torch evidence of their own cyber-spying – by hijacking Google's "Find Hub" service to remotely wipe Android phones belonging to their South Korean targets. . . .

North Korea-backed group hijacks Google’s Find Hub in credential theft campaign

The North Korean hacker group Konni has discovered a new set of attacks that, for the first time, use Google’s Find Hub asset tracking feature. The attacks target both Android and Windows devices to steal data and gain remote control. The activity detected in early September 2025 revealed that the attacks can exploit Google’s asset tracking services Find Hub, thereby leading to the unauthorized deletion of personal data.  The hack starts with an…

North Korean hackers exploit Google’s safety tools for remote wipe

North Korea-linked threat actors have found a novel way to weaponize Google’s own security ecosystem, using it to wipe espionage data from victim phones remotely. According to findings by Genians Security Center (GSC), the attackers leveraged the Android device-tracing and management service “Find Hub” to remotely wipe data on Android phones and tablets. “While Find Hub is intended to safeguard Android devices, this is the first confirmed case i…

Hackers are abusing Find Hub to track and wipe Android devices

Credit: Rita El Khoury / Android Authority TL;DR North Korean hackers have apparently used Google’s Find Hub to remotely track and wipe victims’ devices. A cybersecurity firm said the hackers initially compromised devices by sending malicious files via KakaoTalk. It’s recommended that you enable two-factor authentication on your Google account and regularly change your password. It’s not uncommon for hackers to turn your favorite apps and servi…

North Korean Konni Group Leverages Google’s Find Hub to Wipe Android Devices in Latest Campaigns

North Korea’s Konni Group has reportedly escalated its cyber espionage tactics by leveraging Google’s legitimate Find Hub service to remotely wipe Android devices, marking a significant and concerning shift in the state-sponsored threat actor’s operational methodology. For more information on similar vulnerabilities, read about a Samsung Zero-Click Vulnerability Exploited, Deploying LANDFALL Spyware. Introduction to Malware Binary Triage (IMBT)…