Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Hackers Lure Cybersecurity Researchers With Fake LinkedIn Recruiter ProfilesHackers Lure Cybersecurity Researchers With Fake LinkedIn Recruiter Profiles
Campaign demonstrates the DPRK-backed cyberattackers are gaining tools to avoid EDR tools.
1 Min Read
Source: Alekesey Zotov via Alamy
North Korean advanced persistent threat (APT) group Lazarus (aka UNC290) has been targeting security researchers with a phishing campaign via LinkedIn since last June.
Mandiant reported that the phishing attacks started against a US-based tech company, and noted the threat actors were using three new code families — Touchmove, Sideshow, and Touchshift — in their activities.
Posing as recruiters on LinkedIn, the group works to earn a victim's trust, and it then convinces them engage on WhatsApp or by email, where they can send a malware dropper, Mandiant explained.
"Following the identification of this campaign, Mandiant responded to multiple UNC2970 intrusions targeting US and European media organizations through spear-phishing that used a job recruitment theme and demonstrated advancements in the groups ability to operate in cloud environments and against endpoint detection and response (EDR) tools," Mandiant said about the emerging phishing campaign.
About the Author
You May Also Like
More Insights
Webinars
Securing the Remote Workforce
Feb 20, 2025Emerging Technologies and Their Impact on CISO Strategies
Feb 25, 2025How CISOs Navigate the Regulatory and Compliance Maze
Feb 26, 2025Where Does Outsourcing Make Sense for Your Organization?
Feb 27, 2025Shift Left: Integrating Security into the Software Development Lifecycle
Mar 5, 2025
_vska_Alamy_.jpg?width=700&auto=webp&quality=80&disable=upscale)