North Korean Lazarus hacker group using LinkedIn to target and steal assets: Report — TradingView News | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

North Korean hacker group Lazarus is now using LinkedIn to target vulnerable users and steal their assets via targeted malware attacks.

The incident came to light after blockchain security analytic firm SlowMist revealed that Lazarus group hackers are pretending to look for jobs as blockchain developers in the cryptocurrency industry through LinkedIn.

SlowMist claimed hackers steal confidential employee credentials after inviting access to their repository to run relevant code. The code snippets the hacker runs contain malicious code that steals confidential information and then assets.


Using LinkedIn for targeted attacks is not a new methodology, and the North Korean hacker group used a similar tactic in December last year, posing as a fake Meta recruiter.

After contacting victims via LinkedIn, the fake recruiter requested that the targeted “applicants” download two coding challenges as part of the hiring procedure. These two coding files contained malware, and when they were run on a work computer, they released a Trojan that allowed remote access.

The infamous hacking group has stolen over $3 billion in crypto assets. It is among the most notorious and organized hacking groups that first surfaced in 2009 and continues to target crypto firms despite numerous sanctions against them.

The hacking group is known for using innovative ways to target and steal funds. In August 2023, the group used fake job interviews to steal $37 million from crypto payment firm CoinPaid. The hackers attempted to infiltrate CoinsPaid infrastructure by targeting individuals through fake high-salary job offers.


Click Here For The Original Story From This Source.


National Cyber Security