Lazarus Group Targets Cryptocurrency Firms Via LinkedIn Messages
Lazarus Group, a North Korean-based APT, has been targeting the cryptocurrency industry through sophisticated phishing messages over LinkedIn. The nation-state threat operator has allegedly been conducting a widespread phishing campaign that targets a variety of businesses worldwide and appears to be financially motivated. The attackers are attempting to leverage the popular business platform to gain access to users’ personal information, harvesting credentials.
The group seems to be specifically targeting credentials needed for cryptocurrency wallets and online bank accounts, attempting to lure victims through fake LinkedIn job messages. Researchers at F-Secure released a report detailing the campaign on Tuesday, stating that the group’s activities present a continued threat. In the messages sent to specific LinkedIn users, a malicious document was attached disguised as a legitimate job advertisement for a position in a blockchain technology company.