Members of the infamous Lazarus hacking collective targeted a Spanish aerospace company last year by posing as a recruiter for Facebook and Instagram parent Meta.
Cybersecurity researchers at ESET said that sometime last year the fake recruiter reached out to victims via LinkedIn Messaging, and then asked interested"applicants" to download a pair of coding challenges that were part of the hiring process. Those files were laced with malware, and once executed on a company device delivered a remote access Trojan that the researchers dubbed"LightlessCan.
"This is another example that underscores the risks social engineering attacks introduce through social platforms," said Emily Phelps, director of cybersecurity threat intelligence provider Cyware."While platforms like LinkedIn are intended for professional networking, their accessibility makes them prime channels for attackers to target potential victims.
"Combined with breach databases and other information available on the dark web, highly capable organizations like the Lazarus Group are well positioned to conduct attacks against high-value targets like the aerospace industry," warned Antani.
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Companies want to spend more on AI to defeat hackers, but there's a catchAI’s impact on data breaches, and employee misuse of AI, play major roles in the cybersecurity budget planning process.
Read more »
Chinese Hackers Are Hiding in Routers in the US and JapanPlus: Stolen US State Department emails, $20 million zero-day flaws, and controversy over the EU’s message-scanning law.
Read more »
Pro-Russia hackers claim responsibility for crashing British royal family's websitePro-Russia hackers have claimed responsibility for a cyber attack that crashed the British royal family's website over the weekend.
Read more »
Pro-Russia hackers claim responsibility for crashing British royal family's websitePro-Russia hackers have claimed responsibility for a cyber attack that crashed the British royal family's website over the weekend.
Read more »
Pro-Russia hackers claim responsibility for crashing British royal family's websitePro-Russia hackers have claimed responsibility for a cyber attack that crashed the British royal family's website over the weekend.
Read more »
Pro-Russia hackers claim responsibility for crashing British royal family's websitePro-Russia hackers have claimed responsibility for a cyber attack that crashed the British royal family's website over the weekend.
Read more »