Skip to main content

Watch out - that dream job offer could be a malware scam

Hackers are targeting potential victims with malware disguised as fake job offers, cybersecurity experts have warned.

Researchers from ESET have found that the Lazarus criminal group is targeting Linux users pretending to be emailing victims who work in the software or DeFi platform industries with the promise of a new role.

However the messages, sent either via LinkedIn or other social media platforms are simply a ploy to get the victims to download malware.

Lazarus attack

Thought to be affiliated with the North Korean government, Lazarus has become notorious in recent years for a number of cybercrime campaigns targeting users around the world.

This includes Operation DreamJob, its recent campaign that was launched as a result of the recent supply-chain attack on VoIP provider 3CX, which experts are now almost certain was carried out by Lazarus.

In its report on the campaign, ESET outlined how victims were targeted on social media, and asked to download documents claiming to contain details about a new offered position. 

In its example, ESET found a ZIP archive named "HSBC job offer.pdf.zip" that contains a file that looks at first glance like a PDF, but in fact uses a Unicode character in its name as a disguise.

"The use of the leader dot in the filename was probably an attempt to trick the file manager into treating the file as an executable instead of a PDF," ESET added. "This could cause the file to run when double-clicked instead of opening it with a PDF viewer."

If clicked, the malware, named as OdicLoader, shows a fake PDF whilst downloading a payload in the background, which following further examination by ESET, looks to target Linux VMware virtual machines.

Read more

Procter & Gamble is the latest big GoAnywhere zero-day victim

 > Hatch Bank says 140,000 customers had data stolen after breach

 > Check out the best endpoint protection solutions right now

The after-effects on the March 2023 attack on 3CX are continuing to shake the technology industry as a whole. Recent reports suggest Lazarus is specifically targeting cryptocurrency companies using a trojanized version of the platform. 

3CX has more than 12 million daily users, with products used by more than 600,000 companies worldwide Its customer list includes high-profile companies and organizations like American Express, Coca-Cola, McDonald's, Air France, IKEA, the UK's National Health Service, and multiple automakers, including BMW, Honda, Toyota, and Mercedes-Benz.



Comments

Post a Comment

Popular posts from this blog

Garmin's new radar-equipped tail light will keep you safe on your e-bike

Garmin's Varia bike radars are some of the most popular pieces of cycling tech around – and now the company has delivered its first rearview radar to have been specially designed for some of the best e-Bikes .   Garmin's Varia range mounts to the back of your bike and broadcasts a radar signal behind you, so you can get visual and audible alerts when something's overtaking you. Even better, the new Varia eRTL615 plugs directly into most e-bikes, with no battery required. Because the catchily-named Varia eRTL615 is also a tail light, it'll also make sure you're visible to other vehicles too, promising to emit a flashing or solid light that's visible from up to a mile away in daylight. To connect Garmin's new radar tail light to your e-bike, you'll need to pick the right Garmin adapter cable (which isn't included). You can buy power cables compatible with Bosch, Shimano, or USB-A terminals or connections, with more info on those available on Garmin...
Post a Comment
Read more

Revolution Software is using their own AI technology to remake Broken Sword

TechRadar Gaming is reporting live from Gamescom 2023 on the latest and greatest developments in gaming and hardware. Revolution Software announced at Gamescom 2023 that Broken Sword would be coming back, with Broken Sword - The Shadow of the Templars getting a full remake while a sixth title in the series is coming in the future too, under the title Broken Sword - Parzival’s Stone .  Speaking to TRG ahead of the announcement, Cecil talked about the studio’s plans for a Broken Sword remake and the sixth title in the series. Cecil is a larger-than-life character, who is able to talk about the studio’s plans with enthusiasm. It even carries a pocketful of stones to illustrate the plans for Parzival’s Stone , but he also talks about how Broken Sword - The Shadow of the Templars would be using AI to upscale.  Cecil wasn’t shy about the studio’s use of AI technology, but he gave a fairly robust explanation of why the game was using it. The AI technology will be used to upda...
Post a Comment
Read more

Hackers steal passwords, emails from hookup websites

Two gay hookup websites have been breached with sensitive and personal user data stolen and sold online, new reports have claimed. The databases, which are now being sold on dark web forums, were taken from platforms called TruckerSucker, and CityJerks. They contain enough personally identifiable information to engage in identity theft , such as usernames and passwords, email addresses, profile pictures, sexual preferences, birth dates, postal addresses, IP addresses, and bios. The passwords are encrypted, but according to TechCrunch, the algorithm is “weak” and could be broken by a more persistent hacker. The silent treatment HaveIBeenPwned founder Troy Hunt, who was tipped off on the leak, described the incident as a “typical forum breach, albeit with super sensitive content.”  However the content includes more than just identity data, as there are also messages users exchanged, including arranging meetings and describing their sexual preferences.  In total, more than...
Post a Comment
Read more