Lazarus Group Targets Bitcoin Company
The cybercrime group blamed for attacks on the SWIFT financial network launches a spearphishing campaign to steal employee credentials at a London cryptocurrency company.
Security researchers believe the Lazarus Group - believed to be responsible for the massive 2014 breach at Sony and the 2016 attacks on the SWIFT network - is now targeting employees of a London cryptocurrency company with a phishing campaign, in an effort to gain remote control of employees' devices, Reuters reports.
Researchers at Secureworks Counter Threat Unit discovered the campaign, which aims to lure employees to click on a link for a chief financial officer job opening. The link then downloads malware onto users' devices and gives attackers remote control of the device.
The technology used in this particular campaign is similar to ones used in other campaigns tied to Lazarus, which is linked to the North Korean government, Reuters reports.
Secureworks, which came across the Lazarus phishing campaign as recently as last month, believes the group's efforts are still ongoing, Reuters notes.
Read more about the phishing campaign here.
About the Author
You May Also Like
Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024The Unreasonable Effectiveness of Inside Out Attack Surface Management
Dec 4, 2024