North Korean Hackers Target CryptoJob Seekers To Evade Western Countries Against Sections

North Korean state sponsors hackers are victimizing cryptocurrency workers with a new phishing campaign on LinkedIn and Indeed to plagiarize resumes and other people’s profiles to land remote work at crypto firms, security researchers at Mandiant said. 
Malwarebytes cyber security researcher, Hossein Jazi, published details of the attack on Twitter. Research analysis shows that the hackers leveraged a PDF containing information about the non-existent role of “engineering manager, product security” at crypto giant Coinbase. 
The objective behind this campaign is to get access to these firms’ internal operations, and projects and gather data about upcoming trends, including Ethereum network development, potential security lapses, and non-fungible tokens (NFTs). 
This information reportedly serves North Korean threat actors to launder cryptocurrencies that can later be used by the Pyongyang government to answer Western sanctions. 
Joe Dobson, a principal analyst at Mandiant, told the press that “It comes down to insider threats If someone gets hired onto a crypto project, and they become a core developer, that allows them to influence things, whether for good or not.” 
This phishing camp

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article:

Liked it? Take a second to support IT Security News on Patreon!
Become a patron at Patreon!