Summary: The Lazarus Group, linked to North Korea, is conducting a sophisticated scam using fake LinkedIn job offers to distribute malware targeting Windows, macOS, and Linux systems. The campaign manipulates potential victims into sharing personal information under the guise of a job application, ultimately leading to the installation of various malicious payloads designed to steal data, log keystrokes, and mine cryptocurrency. The technique aligns with a known cluster of attacks dubbed Contagious Interview, highlighting the evolving nature of cyber threats.
Affected: Organizations utilizing LinkedIn for recruitment or those involved in cryptocurrency and tech sectors
Keypoints:
- Scammers exploit LinkedIn by offering attractive job opportunities in cryptocurrency and travel.
- After initial contact, victims are tricked into providing personal information, which is later used to deliver malware.
- The malware uses multiple programming languages and technologies to execute complex infection chains, including data exfiltration and cryptocurrency mining.
Source: https://thehackernews.com/2025/02/cross-platform-javascript-stealer.html