Security News > 2022 > August > North Korean hackers target crypto experts with fake Coinbase job offers
A new social engineering campaign by the notorious North Korean Lazarus hacking group has been discovered, with the hackers impersonating Coinbase to target employees in the fintech industry.
A common tactic the hacking group uses is to approach targets over LinkedIn to present a job offer and hold a preliminary discussion as part of a social engineering attack.
Coinbase is one of the world's largest cryptocurrency exchange platforms, allowing Lazarus to lay the ground for a lucrative and enticing job offer at a prestigious organization.
Other campaigns conducted by Lazarus in the past using fake job offers were for General Dynamics and Lockheed Martin.
State-sponsored North Korean hacking groups are known for launching financially motivated attacks against banks, cryptocurrency exchanges, NFT marketplaces, and individual investors with significant holdings.
This same type of attack is likely what Lazarus is hoping to achieve in the latest Coinbase-lured campaign, as it would only take a single person in a company to open the PDF and enable the hackers to gain initial access to the corporate network.
News URL
Related news
- North Korean hackers employ new tactics to compromise crypto-related businesses (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks (source)
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- North Korean hackers pave the way for Play ransomware (source)
- North Korean Hackers Target macOS Using Flutter-Embedded Malware (source)
- North Korean hackers create Flutter apps to bypass macOS security (source)