The website had a link to the hackers’ PGP public key at the bottom of the page. Early this year, researchers reported that the PGP key hosted on the attacker’s blog acted as the lure to visit the site where a browser exploit was waiting to be triggered. Google researchers said they hadn’t seen this new fake website serving malicious content but have added it to Google Safebrowsing as a precaution. The hackers set up several social media accounts to pose as fellow security researchers interested in exploitation and offensive security. Researchers said that on LinkedIn, two accounts were identified as impersonating recruiters for antivirus and security companies. Since then, these profiles have been reported to the relevant social media companies to take appropriate action.