LinkedIn Lures and Crypto Chaos: North Korean Hackers’ Job Scam Unleashed
The Lazarus Group is using fake LinkedIn job offers to spread malware across Windows, macOS, and Linux systems. Enticing targets with remote work promises, the scam escalates to sharing malicious code via GitHub. The malware is sophisticated, utilizing multiple languages and tools to steal data, disable security, and even mine cryptocurrency.
Hot Take:
North Korea’s Lazarus Group is proving that even in the world of cybercrime, networking matters. Who knew that LinkedIn could be the gateway to your next malware infection? Looks like the Lazarus Group’s new skills include pretending to be recruiters, and they’re definitely not planning to endorse you on LinkedIn for ‘avoiding malware’.
Key Points:
- Lazarus Group targets victims using fake LinkedIn job offers in cryptocurrency and travel sectors.
- Scam involves enticing targets with remote work, then requesting CVs or GitHub links.
- Victims receive a link to a supposed decentralized exchange project containing malware.
- Malware is capable of harvesting data from cryptocurrency wallets and installing a backdoor.
- Attack techniques exhibit similarities with the Contagious Interview campaign.
Already a member? Log in here