1. Forum
  2. FidoNet
  3. POLITICS

  • North Korean hackers are

    From Mike Powell@1:2320/105 to All on Sat Feb 8 10:32:00 2025
    North Korean hackers are targeting LinkedIn jobseekers with new malware - here's how to stay safe

    Date:
    Fri, 07 Feb 2025 22:30:00 +0000

    Description:
    Fake LinkedIn job offers are deceiving job hopefuls.

    FULL STORY ======================================================================
    - North Korean hackers are using LinkedIn to scam jobseekers
    - The fake job offers often promise well-paid remote work
    - But the victims are eventually infected with malware

    A long-running campaign by notorious North Korean hacking group Lazarus has seen job hopefuls scammed in many different ways, including downloading
    malware disguised as interview software , fake coding tests, infostealers,
    and some companies have even accidentally hired North Korean hackers as
    remote IT workers.

    Now, a new facet of the Contagious Interview campaign has arisen, and this time, hackers are using LinkedIn to scam victims, research from Bitdefender warns.

    LinkedIn can be a fantastic tool for professionals to network, and many businesses use the app to recruit new employees, and now, it turns out, so
    are the Lazarus group.

    Malicious offers

    The fake recruitment scams ultimately result in the victim being infected
    with malware, and the hackers tend to target jobseekers in high profile industries, like defense, aerospace, or engineering - looking to exfiltrate classified or sensitive information, or even corporate credentials.

    The fake jobs researchers observed in these scams were often remote work, flexible and well paid, sometimes involving cryptocurrencies as payment.
    These are designed to be enticing offers, so be wary of anything that looks a little too good to be true.

    Scammers will message a victim via LinkedIn, then requesting a CV or personal GitHub repository link (which could be used to harvest personal information). From there, the recruiter shares a feedback document, which infects the
    victim with malware.

    There are some warning signs to look out for, like vague job descriptions,
    poor communications, and users without popper documentations. Make sure to
    vet any job offers, applications, and interview offers thoroughly - and dont click any links from unknown sources.

    In February 2025, Apple delivered a new patch on Xprotect, its on-device malware removal tool to block variants of the macOS FerretFamily - which had been found disguised as Chrome or Zoom installers targeting applicants.

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/north-korean-hackers-targeting-linkedin -jobseekers-with-new-malware

    $$
    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)