Hackers mislead macOS users with crypto fantasy jobs
The notorious North Korean hacking collective known as the “Lazarus Group” has struck again, this time aiming their sights upon unwary Apple macOS users who are actively seeking employment in the bitcoin business.
Cybersecurity firm SentinelOne said on September 26 that the hackers’ newest version of a hacking operation codenamed “Operation In(ter)ception” targeted macOS users by posing as an employer offering prestigious jobs at the cryptocurrency exchange Crypto.com.
In the planned operation, the hacker’s disguised malware as job posts from renowned cryptocurrency exchanges, using well-designed and legitimate-looking decoy PDF documents to advertise jobs such as Art Director – Concept Art (NFT) in Singapore.
SentinelOne detailed the hacking effort, stating: “Although it is still unclear how the virus is being transmitted, prior reports indicated that threat actors were luring victims with targeted LinkedIn messages.”
According to the company’s study, the organization did the same thing in August 2022, but this time they employed phoney job listings on the Coinbase cryptocurrency exchange, which were discovered by ESET.
Since 2020, the Lazarus Group has been linked to a variety of appealing employment opportunities, including those in the aerospace and military sectors, as part of a campaign known as “Operation Dream Job” whose main targets were Windows users.
The organization has also been implicated in other breaches in the cryptocurrency business, including the June assault on Harmony network’s Horizon bridge, which compelled the blockchain startup to manufacture over 2 billion ONE tokens to pay around 65,000 victims of a $100 million heist.
Finbold revealed that the mixing service Tornado Cash was entangled in the incident in which the United States Treasury Department said it was utilized by several hacking organizations, such as the Lazarus Group, to launder stolen funds.