1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • No, Coinbase doesn't want to offer you a job - it's a North Korea

    From TechnologyDaily@1337:1/100 to All on Mon Aug 8 21:30:04 2022
    No, Coinbase doesn't want to offer you a job - it's a North Korean scam

    Date:
    Mon, 08 Aug 2022 20:18:06 +0000

    Description:
    Fake job offers are getting out of hand, with crooks now impersonating Coinbase.

    FULL STORY ======================================================================

    Infamous North Korean threat actor Lazarus Group has been spotted attempting to lure blockchain developers with fake job offers laden with malware .

    Cybersecurity researchers from Malwarebytes have discovered a new campaign in which Lazarus assumes the identity of Coinbase, one of the worlds biggest and most popular cryptocurrency exchanges.

    The criminals then reach out to blockchain developers with a job offer for
    the role of Engineering Manager, Product Security", and even conduct a few interviews, to make the whole campaign more believable. At one point,
    however, the attackers will share a file, seemingly a PDF, with details on
    the alleged job position. The only thing this file has with a PDF is the
    icon, however, as its, in fact, an executable - Coinbase_online_careers_2022_07.exe. Besides the .exe, the threat actor will also deploy a malicious DLL. Fake job offers galore

    These files will then connect to GitHub, which servers as a command & control (C2) server, which shares further instructions on how to best infect the endpoint .

    The fake job offer type of attack is nothing new. In fact, the biggest crypto theft of all time, a $600 million-heavy attack on the Ronin bridge, happened in the same manner. One of Ronins developers was approached, via LinkedIn, by someone pretending to be a headhunter looking for quality developers.

    One thing led to another, and the victim ended up downloading a weaponized
    PDF file which eventually gave the attackers the keys to Ronins kingdom. Read more

    This latest LinkedIn scam sends fake job offers to lure victims in


    An elaborate LinkedIn scam led to one of the largest heists in crypto
    history


    Here's our rundown of the best antivirus tools right now

    The FBI pointed its finger to Lazarus Group for this attack, as well. Regardless of if it ends up being true or not, this threat actor is by no means a stranger to fake job offers. The group has already used General Dynamics and Lockheed Martin for the same purpose.

    Lazarus usually attacks banks, cryptocurrency exchanges, NFT marketplaces,
    and sometimes people known for holding a heavy bag of cryptocurrencies. These are the best firewalls today

    Via: Bleeping Computer



    ======================================================================
    Link to news story: https://www.techradar.com/news/no-coinbase-doesnt-want-to-offer-you-a-job-its- a-north-korean-scam/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)