29 matches found
Hackers Are Using LinkedIn DMs and PDF Tools to Deploy Trojans
That LinkedIn message pretending to be job offer could just be malwre...
Researchers Capture Lazarus APT's Remote-Worker Scheme Live on Camera
A joint investigation led by Mauro Eldritch, founder of BCA LTD , conducted together with threat-intel initiative NorthScan and ANY.RUN, a solution for interactive malware analysis and threat intelligence, has uncovered one of North Korea's most persistent infiltration schemes: a network of remot...
New Phishing Emails Pretend to Offer Jobs to Steal Facebook Logins
Sublime Security warns of a massive credential phishing scam using fake job offers from brands like KFC and Red Bull to steal Facebook login details. Don't fall for the trap...
BeaverTail and OtterCookie evolve with a new Javascript module
Cisco Talos has uncovered a new attack linked to Famous Chollima, a threat group aligned with North Korea DPRK. This group is known for impersonating hiring organizations to target job seekers, tricking them into installing information-stealing malware to obtain cryptocurrency and user credential...
Iranian Hackers Use Fake Job Lures to Breach Europe’s Critical Industries
New research from Check Point Research reveals the Iranian cyber group Nimbus Manticore is targeting defence, telecom, and aerospace companies in Europe with fake job offers. Learn how they use advanced malware to steal sensitive data...
Netflix Job Phishing Scam Steals Facebook Login Data
Beware of fake Netflix job offers! A new phishing campaign is targeting job seekers, using fraudulent interviews to…...
Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign
The North Korea-linked Lazarus Group has been linked to an active campaign that leverages fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver malware capable of infecting Windows, macOS, and Linux operating systems. According to cybersecurity company Bitdefender, the scam...
Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks
The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group's playbook to orchestrate its own version of the Dream Job campaign targeting the aerospace industry by offering fake jobs since at least September 2023. "The campaign distributed the...
RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers
Several companies operating in the cryptocurrency sector are the target of a newly discovered Apple macOS backdoor codenamed RustDoor. RustDoor was first documented by Bitdefender last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering...
Facebook Job Scam
Qualys has confirmed ongoing attacks against multiple brands offering work-from-home remote job offers, advertised through Facebook. Unfortunately, these scams typically see a rise in prevalence following the holidays. Qualys has confirmed cyber criminals are advertising jobs within Facebook to...
Lazarus Group Adds Linux Malware to Arsenal in Operation Dream Job
The notorious North Korea-aligned state-sponsored actor known as the Lazarus Group has been attributed to a new campaign aimed at Linux users. The attacks are part of a persistent and long-running activity tracked under the name Operation Dream Job , ESET said in a new report published today. The...
inDrive: inDriver Job - Admin Approval Bypass
A vulnerability was discovered in the "inDriver Job" application that allowed an attacker to bypass the admin approval process for publishing job offers. This vulnerability enabled the attacker to publish arbitrary content without undergoing the necessary moderation step...
North Korean Hackers Turn to Credential Harvesting in Latest Wave of Cyberattacks
A North Korean nation-state group notorious for crypto heists has been attributed to a new wave of malicious email attacks as part of a "sprawling" credential harvesting activity targeting a number of industry verticals, marking a significant shift in its strategy. The state-aligned threat actor ...
Bogus job offers hide trojanised open-source software
Microsoft researchers are warning of fake job offers where the only actual compensation available is a golden handshake of malware and trickery. The campaign targets those with technical know-how because, despite what some may think, scams are for everybody, not just people unfamiliar with tech...
FBI warns of bogus job postings on recruitment sites
Before Christmas was a busy time down at the fake job factory, with all manner of dubious antics out to ruin someone’s day. We’re now info February and the bogus job offers show no sign of abating. In fact, the FBI considers it to be such a problem that its issued an alert. This isn’t your typica...
Fake job interviews plague major game developers like Riot Games and Rockstar
If you’re job hunting at the moment, be on your guard. The pandemic is still around. Lots of people are in need of employment. Scammers are all too happy to string folks along with bogus employment offers, as is the case here. How have they managed to snare prospective job hunters? Riding on the...
Nation States Will Weaponize Social and Recruit Bad Guys with Benefits in 2022
ARCHIVED STORY Nation States Will Weaponize Social and Recruit Bad Guys with Benefits in 2022 By Raj Samani · October 31, 2021 McAfee Enterprise and FireEye recently released its 2022 Threat Predictions. In this blog, we take a deeper dive into the continuingly aggressive role Nation States will...
Iranian Hackers Target Several Israeli Organizations With Supply-Chain Attacks
IT and communication companies in Israel were at the center of a supply chain attack campaign spearheaded by an Iranian threat actor that involved impersonating the firms and their HR personnel to target victims with fake job offers in an attempt to penetrate their computers and gain access to th...
Hackers Targeting professionals With 'more_eggs' Malware via LinkedIn Job Offers
A new spear-phishing campaign is targeting professionals on LinkedIn with weaponized job offers in an attempt to infect targets with a sophisticated backdoor trojan called "moreeggs." To increase the odds of success, the phishing lures take advantage of malicious ZIP archive files that have the...
North Korean Hackers Used 'Torisma' Spyware in Job Offers-based Attacks
A cyberespionage campaign aimed at aerospace and defense sectors in order to install data gathering implants on victims' machines for purposes of surveillance and data exfiltration may have been more sophisticated than previously thought. The attacks, which targeted IP-addresses belonging to...