Lazarus group strikes cryptocurrency firm through LinkedIn job adverts

The Lazarus group is on the hunt for cryptocurrency once more and has now launched a targeted attack against a crypto organization by exploiting the human element of the corporate chain.

On Tuesday, cybersecurity researchers from F-Secure said the cryptocurrency organization is one of the latest victims in a global campaign which has targeted businesses in at least 14 countries including the UK and US. 

Lazarus is an advanced persistent threat (APT) group thought to be tied to North Korea. Economic sanctions against the country imposed due to nuclear programs, human rights abuses, and more may have something to do with the group, which focuses on financially-motivated attacks that have expanded to include cryptocurrency in the past three years. 

The US government says Lazarus was formed in 2007 and since then, researchers have attributed the group as responsible for the global WannaCry attack wave, the $80 million Bangladeshi bank heist, and the 2018 HaoBao Bitcoin-stealing campaign. 

According to F-Secure, the latest Lazarus attack was tracked through a LinkedIn job advert. The human target, a system administrator, received a phishing document in their personal LinkedIn account that related to a blockchain technology company seeking a new sysadmin with the employee's skill set.   

The phishing email is similar to Lazarus samples already made available on VirusTotal, including the same names, authors, and word count elements.

Read the full article on https://www.zdnet.com/article/lazarus-group-strikes-cryptocurrency-firm-through-linkedin-job-adverts/

#lazarus #cryptocurrency #linkedin #phishing #yokdata #mindyourdata