Hackers Target Professionals with Attractive Job Offers

The renowned North Korean hacker organization Lazarus is using fraudulent employment offers to steal data and access company networks. After LinkedIn, the cyber espionage organization has spread to Upwork, Freelancer.com, We Work Remotely, Moonlight, and Crypto Jobs List.

The Trap Works
The fraud starts with tempting employment offers offering remote work, flexible hours, and big pay. The Lazarus Group advertises fascinating IT, software development, and cryptocurrency jobs to IT workers. Once a candidate displays interest, hackers request their CV or GitHub link to collect information and verify targets.

Hackers deliver a test project or demo file next. It includes malware that steals logins, browser data, and bitcoin wallets. Attackers may steal personal and business data from victims who execute the code.

The Lazarus Group infiltrates business networks, especially in high-value sectors like aerospace, military, and finance, rather than making fast money. They start cyber-espionage activities with phony employment offers.

Possible red flags include unclear job descriptions or vacancies not mentioned on the company’s website.
Recruiters want private email or texting applications.
Strange repositories or files needing unknown code execution.
Spelling or inconsistent recruiter communication.
Safety Tips:
Check employment offerings on the company’s website and email.
Never execute untested code. Use a virtual computer or sandbox to investigate unknown files.
Share less personal information.
Use reputable security software like Bitdefender to prevent attacks from entering your machine.
Job searchers may protect themselves from clever cybercriminals by being cautious and following their intuition. Research is essential before contacting recruiters or executing files.