Hackers Lure Cybersecurity Researchers With Fake LinkedIn Recruiter Profiles

  /     /     /  
Publicated : 23/11/2024   Category : security


Hackers Lure Cybersecurity Researchers With Fake LinkedIn Recruiter Profiles


Campaign demonstrates the DPRK-backed cyberattackers are gaining tools to avoid EDR tools.



North Korean advanced persistent threat (APT) group Lazarus (aka UNC290) has been targeting security researchers with a phishing campaign via LinkedIn since last June.
Mandiant reported that the phishing attacks started against a US-based tech company, and noted the threat actors were using three new code families — Touchmove, Sideshow, and Touchshift — in their activities.
Posing as recruiters on LinkedIn, the group works to earn a victims trust, and it then convinces them engage on WhatsApp or by email, where they can send a
malware dropper
, Mandiant explained.
Following the identification of this campaign, Mandiant responded to multiple UNC2970 intrusions targeting US and European media organizations through spear-phishing that used a job recruitment theme and demonstrated advancements in the groups ability to operate in cloud environments and against endpoint detection and response (EDR) tools, Mandiant said about the emerging
phishing campaign
.

Last News

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Hackers Lure Cybersecurity Researchers With Fake LinkedIn Recruiter Profiles