Connect with us


North Korean Hackers Use Crypto Exchange Job Ads to Spread Viruses



Cryptocurrency exchange is the latest target of a fraudulent job advertisement scheme by the North Korea-linked Lazarus hacking group.

The malware attack encourages members of the crypto community to download a PDF document showing open job openings on, including an art director position in Singapore, among others, according to a report by the cybersecurity firm. Sentinel One.

When the interested candidate downloads the PDF job description, he is unknowingly the victim of a “Trojan Horse” attack, in which his personal data and financial information is compromised.

More recently, in August, Lazarus also ran a similar scheme targeting candidates with job offers via direct message on LinkedIn to an engineering manager at another at cryptocurrency exchange, Coinbase.

As shown by security research firm ESET, the bundle of three files that incorporated the malware software was disguised as a career document for a role at Coinbase.

While the group’s exact intentions are unknown, it is assumed that gaining access to cryptocurrency funds and confidential information on exchanges is the priority.

Lazarus and cryptocurrencies

In April of this year, the United States Department of the Treasury accused Lazarus of coordinating the $622 million attack on Ronin Bridge – an Ethereum sidechain that supports the popular blockchain game Axie Infinity. The body issued a blacklist status for the wallet address and placing it on official sanctions.

In recent years, the North Korean government and associated security services have denied any involvement with Lazarus.

In February, a United Nations report indicated that a portion of North Korea’s nuclear and ballistic missile programs were financed through cyber attacks and cryptocurrencies.

News Source