1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • North Korean hackers target job seekers with fake interviews

    From TechnologyDaily@1337:1/100 to All on Thu Sep 5 13:30:05 2024
    North Korean hackers target job seekers with fake interviews

    Date:
    Thu, 05 Sep 2024 13:29:00 +0000

    Description:
    Hackers tricked victims into downloading malware through fake video call apps.

    FULL STORY ======================================================================

    Research has found that North Korean cyber criminals tricked unsuspecting candidates into downloading fake Windows video conferencing applications
    which impersonated FreeConference.com. The campaign was labeled Contagious Interview after being discovered by analysts.

    Discovered by cyber security company Group-IB, the campaign was reportedly carried out by known threat actor Lazarus, who has been observed to have run similar operations in the past.

    The attacks started through a job search platform, such as LinkedIn or
    Upwork. The attackers reached out to the intended target to discuss a job opportunity, and invited them to continue the discussion via Telegram. From there, the victim would be asked to download a video conferencing app FreeConference or Node.js for a trial technical task. Elaborate schemes

    Of course, these installers were fake, and the victim unknowingly downloaded malware named BeaverTail, which delivered a backdoor known as InvisibleFerreft, equipped with keylogging, remote control, and browser stealing capabilities. The FBI recently released a statement warning of efforts from North Korean hackers,

    North Korean social engineering schemes are complex and elaborate, often compromising victims with sophisticated technical acumen. Given the scale and persistence of this malicious activity, even those well versed in cybersecurity practices can be vulnerable to North Korea's determination to compromise networks connected to cryptocurrency assets.

    The Lazarus group is infamous and has reportedly been active since 2010. In that time, it has attacked a range of targets, including governments, healthcare, finance, and defense infrastructure.

    As always, we recommend only downloading apps from official sources, and verifying the identity of anyone you're speaking to online. Weve listed our picks for the best malware removal software to help keep your information safe.

    Via The Hacker News More from TechRadar Pro Take a look at our pick of the best encryption software out there today Sinbad crypto mixer used by North Korean Lazarus Group seized by US government Here are our best firewall tools to keep your business protected



    ======================================================================
    Link to news story: https://www.techradar.com/pro/north-korean-hackers-target-job-seekers-with-fak e-interviews


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)