menu-control
The Jerusalem Post
Home Page
Business & Innovation
Banking & Finance
Tech & Start Ups
Energy & Infrastructure
Real Estate
Opinion
JP Must
Israel Real Estate
Aliyah
Jerusalem Post Conferences
Premium
The Daily Edition
The Jerusalem Post Ivrit
The Jerusalem Report
Coronavirus
Opinion
Heroines of Swords of Iron
Real Estate Listings
JPost Store
JPost Shopping
Categories
Breaking News
Israel News
Israel Politics
Israel Culture
Israel Sports
World News
Islamic Terrorism
Middle East
Iran News
Isis Threat
Arab-Israeli Conflict
Gaza News
US Politics
Diaspora
Antisemitism
Opinion
Podcast
Judaism
Torah Portion
Jewish Holidays
List of holidays
Kabbalah
Christian World
Health & Wellness
Sleep
Mind & Spirit
Nutrition
Coronavirus
Exercise
Pregnancy & Birth
Parenting
Science
Law
Archaeology
Environment & Climate Change
OMG
Antisemitism
Food & Recipes
Jerusalem Post en Español
Sponsored Content
Promo Content
Advertise With Us
Terms of Use
Privacy Policy
Contact Us
Cancel Subscription
Customer Service
About Us

Beware of fake Meta job alerts - it could be North Korean hackers

By MAARIV ONLINE  
Published: OCTOBER 16, 2023 16:48
(photo credit: Istockphoto)
(photo credit: Istockphoto)

Lazarus, a North Korean hacker group, poses as Meta recruiters on LinkedIn to scam a Spanish aerospace firm.

In a recent cyberattack, operatives of North Korea's Lazarus Group successfully infiltrated the network of a Spanish aerospace company.

They reached out to the company's employees via LinkedIn's messaging service, disguising themselves as legitimate recruiters from Meta, and presented them with two deceptive "coding challenges" as part of a fake hiring process. The company employees fell for the ruse, leading to the inadvertent download of the LightlessCan malware onto their devices.

LightlessCan, categorized as a Remote Access Trojan (RAT), provides hackers with the ability to control the target computer discreetly.

This insidious malware granted Lazarus operatives unrestricted access to the employees' devices, enabling them to pilfer sensitive information. The breach came to light when an employee of the Spanish company discovered the malware on their device and promptly reported it to the cybersecurity firm ESET, who then investigated and unveiled the true nature of the attack.

Advertisement

North Korean cyber espionage

Credit: INGIMAGE
Credit: INGIMAGE

ESET successfully identified the Lazarus Group as the culprits, with it being part of the Operation DreamJob cyber campaign, primarily focused on cyber espionage.

This case serves as a stark reminder of the critical need for heightened information security awareness among company employees, particularly when utilizing social media platforms for professional purposes.

It underscores the fact that even recruiters from renowned companies can be impersonated by highly sophisticated attackers.

Related Tags
Spain
North Korea
cybersecurity
hack
Meta

×
Email:
×
Email: