Hackers would like you to join their LinkedIn network — beware of these phishing attacks


Microsoft’s Threat Intelligence Center, or MSTIC (pronounced mystical) for short, warns that a North Korean military hacking group is using fake social media accounts, particularly on LinkedIn, to trick individuals with fake email job offers and spread vicious open source malware.

The militarized hacking team uses trojanized open source apps and LinkedIn recruiting to bait tech industry employees, according to MSTIC, and the threat has been relentless. Microsoft’s threat team shared via a blog post that the group has been using PuTTY, KiTTY, TightVNC, Sumatra PDF Reader and the muPDF/Subliminal Recording software installer for these attacks since late April.

Who are they targeting

The hacker group has targeted employees across multiple industries, including media, defense and aerospace, in the US, UK, India and Russia. The group is believed to be behind the infamous Sony breach in 2014.

Known as Lazarus, the outfit is tracked by Microsoft as ZINC. Alongside MSTIC, Mandiant threat analysts from Google Cloud noticed the group spear phishing targets in the technology and media sectors with fraudulent job postings last July, and using WhatsApp to share a Trojan.

How it’s made

In Microsoft’s blog post, the MSTIC team said, “Microsoft researchers have observed spear phishing as ZINC players’ primary tactic, but it has also been observed using strategic compromises on websites and social engineering on social networks to achieve their goals.”

The MSTIC team goes on to say, “ZINC targets employees of companies it attempts to infiltrate and seeks to coerce these individuals into installing seemingly benign programs or opening weaponized documents containing malicious macros. Targeted attacks have also been carried out against security researchers on Twitter and LinkedIn.”

Fraudulent recruiter profile

(Image credit: Microsoft)

By creating fake accounts on LinkedIn, the hackers engaged in data theft, hacked accounts and crypto exchanges, and tore networks apart. For its part, the Threat Defense team at LinkedIn, which is owned by Microsoft, removed all fake accounts it found.

Using messages tailored to specific industries, the hacker group targeted tech support professionals and engineers who worked for media and IT companies located in the UK, India and the US. US authorities issued a warning, alerting European businesses to what was happening.

It used to be that LinkedIn seemed like a very safe, business-like social media platform for job hunting and networking, but in today’s world, where there are subscription services for hackers, there are few safe spaces on the Internet, and we must always be vigilant. Keeping up with the latest threats is a great first step, and make sure you’re using one of the best antivirus apps to stay safe online.

Via: ZDNet