ARS Technica writes North Korean hackers basically used social engineering skills to try to hack seasoned security researchers. The hackers infiltrated the Twitter infosec community and spent weeks developing working relationships with security researchers. They created research blogs and reached out to security researchers to collaborate on a project.
Security researchers who took the bait were asked to open a website via Internet Explorer. The webpage contained malicious code that abused a security vulnerability in Internet Explorer to perform remote code execution:
Eventually, the fake Twitter profiles asked the researchers to use Internet Explorer to open a webpage. Those who took the bait would find that their fully patched Windows 10 machine installed a malicious service and an in-memory backdoor that contacted a hacker-controlled server.