1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • North Korean hackers are posing as job interviewers - don't be fo

    From TechnologyDaily@1337:1/100 to All on Thu Nov 23 18:30:05 2023
    North Korean hackers are posing as job interviewers - don't be fooled

    Date:
    Thu, 23 Nov 2023 18:26:53 +0000

    Description:
    You won't get a job but you might get a virus - and lose all your cryptocurrency.

    FULL STORY ======================================================================

    If youre hiring, or looking to get hired for a new job - be very careful who you talk to. Cybersecurity researchers from Palo Altos Unit 42 have
    discovered two separate malware campaigns - one targeting employers, and the other job hunters - run by North Korean state-sponsored threat actors.

    Dubbed Contagious Interview", the campaign sees hackers impersonate
    employers, creating fake profiles on various social media networks and try to get software developers interested in a new job opportunity.

    During the interview process (which often includes multiple steps, possibly even video interviews), the hackers would get the victims to download and run files which end up infecting their endpoints with malware.

    Reader Offer: $50 Amazon gift card with demo
    Perimeter 81's Malware Protection intercepts threats at the delivery stage
    to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.

    Preferred partner ( What does this mean? ) New malware

    This campaign most likely started in December last year, and given that parts of the infrastructure are still active, the campaign is still very much a threat.

    Its goal, according to the report, is to steal cryptocurrencies from the victims, and later use their endpoints as a stepping stone for additional attacks.

    The campaign in which hackers seek employment is dubbed Wagemole. The threat actors are mostly going for US-based firms, Unit 42 says, but they wont pass up on an opportunity anywhere else in the world. During the process, the attackers create multiple resumes with different technical skill sets, as
    well as multiple identities impersonating individuals from different parts of the world. It also includes common job interview questions and answers, scripts

    for interviews and downloaded job postings from US companies.

    For the attack to be successful, the victims need to download and run two types of previously unseen malware - one called BeaverTail, and the other one called InvisibleFerret. While BeaverTail is a JavaScript-based piece of malware hidden inside an npm package, InvisibleFerret is a simple but
    powerful Python-based backdoor. Both samples can be run on Windows, macOS,
    and Linux devices. More from TechRadar Pro DDoS attacks are getting bigger
    and more powerful, and that's a really bad thing Here's a list of the best firewalls around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/north-korean-hackers-are-posing-as-job- interviewers-dont-be-fooled


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)