Security News > 2022 > August > North Korean hackers target crypto experts with fake Coinbase job offers
A new social engineering campaign by the notorious North Korean Lazarus hacking group has been discovered, with the hackers impersonating Coinbase to target employees in the fintech industry.
A common tactic the hacking group uses is to approach targets over LinkedIn to present a job offer and hold a preliminary discussion as part of a social engineering attack.
Coinbase is one of the world's largest cryptocurrency exchange platforms, allowing Lazarus to lay the ground for a lucrative and enticing job offer at a prestigious organization.
Other campaigns conducted by Lazarus in the past using fake job offers were for General Dynamics and Lockheed Martin.
State-sponsored North Korean hacking groups are known for launching financially motivated attacks against banks, cryptocurrency exchanges, NFT marketplaces, and individual investors with significant holdings.
This same type of attack is likely what Lazarus is hoping to achieve in the latest Coinbase-lured campaign, as it would only take a single person in a company to open the PDF and enable the hackers to gain initial access to the corporate network.
News URL
Related news
- North Korean hackers adopt ClickFix attacks to target crypto firms (source)
- North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures (source)
- North Korean Hackers Disguised as IT Workers Targeting UK, European Companies, Google Finds (source)
- North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages (source)
- Hackers abuse Zoom remote control feature for crypto-theft attacks (source)