Lazarus Group Targets Cryptocurrency Firms Via LinkedIn Messages

2020-08-25 14:46

The nation-state threat operator Lazarus Group is being tied to a recent phishing campaign that targeted admins at a cryptocurrency firm via LinkedIn messages.

Researchers say that the recently identified a series of incident that were part of a broader campaign targeting businesses worldwide through LinkedIn messages sent to targets' personal LinkedIn accounts.

The attackers targeted system administrators in an unnamed cryptocurrency company with a phishing document, which was attached to a message sent to their personal LinkedIn accounts.

More recently it has debuted an advanced, multi-purpose malware framework that targets Windows, Linux and MacOS operating systems; and has been linked to a recent strain of ransomware, called VHD. However, this most recent campaign shows that the group is now also looking to target organizations in the financial and cryptocurrency verticals, researchers warn.

"It is F-Secure's assessment that the group will continue to target organizations within the cryptocurrency vertical while it remains such a profitable pursuit, but may also expand to target supply chain elements of the vertical to increase returns and longevity of the campaign," said researchers.

News URL

https://threatpost.com/lazarus-group-targets-cryptocurrency-firms-via-linkedin-messages/158614/

#cryptocurrency #lazarusgroup #linkedin