Lazarus Group Targets Bitcoin CompanyLazarus Group Targets Bitcoin Company
The cybercrime group blamed for attacks on the SWIFT financial network launches a spearphishing campaign to steal employee credentials at a London cryptocurrency company.
December 15, 2017
Security researchers believe the Lazarus Group - believed to be responsible for the massive 2014 breach at Sony and the 2016 attacks on the SWIFT network - is now targeting employees of a London cryptocurrency company with a phishing campaign, in an effort to gain remote control of employees' devices, Reuters reports.
Researchers at Secureworks Counter Threat Unit discovered the campaign, which aims to lure employees to click on a link for a chief financial officer job opening. The link then downloads malware onto users' devices and gives attackers remote control of the device.
The technology used in this particular campaign is similar to ones used in other campaigns tied to Lazarus, which is linked to the North Korean government, Reuters reports.
Secureworks, which came across the Lazarus phishing campaign as recently as last month, believes the group's efforts are still ongoing, Reuters notes.
Read more about the phishing campaign here.
About the Author(s)
You May Also Like
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
Everything You Need to Know About DNS AttacksNov 30, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks