Security News > 2023 > March > Security researchers targeted with new malware via job offers on LinkedIn

Security researchers targeted with new malware via job offers on LinkedIn
2023-03-10 17:48

A suspected North Korean hacking group is targeting security researchers and media organizations in the U.S. and Europe with fake job offers that lead to the deployment of three new, custom malware families.

Mandiant says the particular group has previously targeted tech firms, media groups, and entities in the defense industry.

One of the lures shared by Mandiant impersonates the New York Times, as shown below.

TouchShift then loads another screenshot utility called "TouchShot," a keylogger named "TouchKey," a tunneller named "HookShot," a new loader named "TouchMove," and a new backdoor named "SideShow."

North Korean hackers previously targeted security researchers involved in vulnerability and exploit development by creating fake online social media personas that pretended to be vulnerability researchers.

These personas would then contact other security researchers about potential collaboration in vulnerability research.


News URL

https://www.bleepingcomputer.com/news/security/security-researchers-targeted-with-new-malware-via-job-offers-on-linkedin/