Lazarus hackers target IT workers with Linux malware disguised as a job vacancy
Lazarus, a hacking group affiliated with North Korea, is targeting IT workers with specific Linux malware delivered through a fake job vacancy. Software makers, for example, were approached via LinkedIn with a job offer, after which an infected file was sent.
Victims were shown this fake vacancy. Image via ESET
According to cybersecurity experts from ESET, the hackers operate under the name Operation DreamJob and use an apparent .pdf file to install malware on victims’ Linux systems. In reality, the apparent .pdf file, a 64-bit Intel-Linux binary called HSBC job offer․pdf, is an executable. Although a fake vacancy appears on the screen after opening, a payload is said to be downloaded from OpenDrive in the background. This then installs a SimplexTea backdoor.
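The masquerade described above, a file named like a document whose content is a Linux executable, can be checked for by comparing the apparent extension with the file's leading bytes. The following Python sketch is an added defensive example, not code from ESET or the original article; the lookalike-dot list, the extension list and the sample headers are constructed for illustration.

```python
import struct

# Code points that render like "." but are not U+002E (short list chosen for this example).
DOT_LOOKALIKES = {"\u2024": "ONE DOT LEADER", "\uff0e": "FULLWIDTH FULL STOP",
                  "\ufe52": "SMALL FULL STOP"}
DOCUMENT_EXTS = {"pdf", "doc", "docx", "odt", "rtf"}        # assumed policy list
MACHINES = {0x03: "x86", 0x3E: "x86-64", 0xB7: "AArch64"}   # ELF e_machine values

def apparent_extension(name):
    """Return (extension as a reader sees it, name of the lookalike dot or None)."""
    pos, dot = max((name.rfind(d), d) for d in [".", *DOT_LOOKALIKES])
    if pos < 0:
        return "", None
    return name[pos + 1:].lower(), DOT_LOOKALIKES.get(dot)

def elf_info(header):
    """Parse the ELF identification bytes; return None when the data is not ELF."""
    if len(header) < 20 or header[:4] != b"\x7fELF":
        return None
    bits = {1: 32, 2: 64}.get(header[4])        # EI_CLASS
    endian = {1: "<", 2: ">"}.get(header[5])    # EI_DATA
    if bits is None or endian is None:
        return {"bits": None, "machine": "unknown"}
    (machine,) = struct.unpack_from(endian + "H", header, 18)  # e_machine
    return {"bits": bits, "machine": MACHINES.get(machine, hex(machine))}

def assess(name, header):
    """List the reasons a file named like a document should not be trusted as one."""
    findings = []
    ext, lookalike = apparent_extension(name)
    if lookalike:
        findings.append(f"extension separator is {lookalike}, not an ASCII full stop")
    elf = elf_info(header)
    if elf and ext in DOCUMENT_EXTS:
        findings.append(f"named like .{ext} but content is a "
                        f"{elf['bits']}-bit {elf['machine']} ELF binary")
    elif ext == "pdf" and not header.startswith(b"%PDF-"):
        findings.append("named .pdf but content lacks the %PDF- signature")
    return findings

# Constructed sample headers (first 20 bytes only), not taken from any real file.
SAMPLE_ELF = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8) + struct.pack("<HH", 2, 0x3E)
SAMPLE_PDF = b"%PDF-1.7\n" + bytes(11)

if __name__ == "__main__":
    for name, head in [("HSBC job offer\u2024pdf", SAMPLE_ELF), ("offer.pdf", SAMPLE_PDF)]:
        print(repr(name), assess(name, head) or "no findings")
```

To use it on real attachments, pass the file name and the first 20 bytes read from the file to `assess`.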
Based on the above findings, the same security researchers conclude ‘with a high degree of certainty’ that the recent cyber attack on 3CX was carried out by the same organization. After a supply chain attack, the VoIP service’s desktop client spread malware; Lazarus is also said to have been behind this. According to ESET, the two examples underline how cunningly North Korean hackers can operate on different platforms.