How Lazarus Group is Using LinkedIn to Steal Crypto
LinkedIn has been used by the North Korean hacker team Lazarus as a platform for targeted malware attacks, focusing on the digital currency industry. According to research released by blockchain security analytics company SlowMist, the Lazarus group has been impersonating job-seeking blockchain developers to get access to corporate networks.
Lazarus group impersonation targets crypto assets
SlowMist claims that hackers ask for help when working on projects that need access to code repositories. When employees give this access without thinking twice, they put themselves at risk because the shared code samples contain dangerous elements intended to steal financial assets and sensitive data.
Lazarus has a long history in cyber security, having appeared first in 2009. As time passes, they are among those who perpetuated some of the notable cryptocurrency scams in the financial sphere. The most common Ronin Bridge hack is well known for the malicious transfer that happened there. $625 million was transferred to the account.
These cyber criminals frequently use hi-tech ways not to be uncovered, such as obscure transfers employed to move the stolen funds back to North Korea. Those funds are often moved and cleaned away by crypto mixing services, which are reported as necessary to feed the most expensive weapon of war of North Korea.
Final take: Measures in countering persistent cyber threats
Although the blockchain architecture has this decentralized nature, which seems to complicate the position of crypto platforms when tracing and stopping such illicit transfers, these platforms adversely employ enhanced security measures.
Cybercriminals still use platforms like LinkedIn to create cyber threats. This shows the dynamic nature of cybercrimes and the fact that all technology users need to remain extra vigilant. Crypto companies advocate strengthening their security protocols and holding seminars with their employees about the possible threats and consequences of unauthorized online dealings/interactions with unidentified parties.
This industry response to such threats has been rather robust and has witnessed more reinforcement of digital asset security and the fencing of credentials. Nevertheless, organizations’ creativity compels constant changes and allocation of funds to cybersecurity to protect them from data leaks and theft of financial resources.
The Lazarus syndicate LinkedIn activity alerts us that dangers exist and are forever present in the digital world. Each attack, whatever its strength, is a cause for an overall collective response geared towards productively eliminating breaches in the future, which needs investors, traders, and social media users to stay alert.
