Security News > 2022 > August > North Korean hackers target crypto experts with fake Coinbase job offers
A new social engineering campaign by the notorious North Korean Lazarus hacking group has been discovered, with the hackers impersonating Coinbase to target employees in the fintech industry.
A common tactic the hacking group uses is to approach targets over LinkedIn to present a job offer and hold a preliminary discussion as part of a social engineering attack.
Coinbase is one of the world's largest cryptocurrency exchange platforms, allowing Lazarus to lay the ground for a lucrative and enticing job offer at a prestigious organization.
Other campaigns conducted by Lazarus in the past using fake job offers were for General Dynamics and Lockheed Martin.
State-sponsored North Korean hacking groups are known for launching financially motivated attacks against banks, cryptocurrency exchanges, NFT marketplaces, and individual investors with significant holdings.
This same type of attack is likely what Lazarus is hoping to achieve in the latest Coinbase-lured campaign, as it would only take a single person in a company to open the PDF and enable the hackers to gain initial access to the corporate network.
News URL
Related news
- North Korean hackers linked to $1.5 billion ByBit crypto heist (source)
- North Korean hackers adopt ClickFix attacks to target crypto firms (source)
- North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack (source)
- zkLend loses $9.5M in crypto heist, asks hacker to return 90% (source)
- North Korean hackers spotted using ClickFix tactic to deliver malware (source)
- Hackers pose as employers to steal crypto, login credentials (source)
- North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware (source)
- OpenAI bans ChatGPT accounts used by North Korean hackers (source)
- North Korean Hackers Steal $1.5B in Cryptocurrency (source)
- Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers (source)