New North Korean Social Engineering Campaign Targets Crypto Sector

Cryptocurrency industry workers have been targeted by North Korean threat actors using job lures on LinkedIn to deliver the RustDoor malware, according to The Hacker News.

The attackers spoofed a recruiter for the decentralized cryptocurrency exchange STON.fi on LinkedIn to lure targets into downloading a malicious Visual Studio project presented as part of a coding challenge. The project instead downloads RustDoor via the "VisualStudioHelper" and "zsh_env" second-stage payloads, which function as backdoors but communicate with separate command-and-control servers, a Jamf Threat Labs report showed. Such findings should prompt increased employee training and vigilance on cybersecurity threats across the cryptocurrency sector amid increasingly sophisticated techniques leveraged by threat actors.

"These social engineering schemes performed by the DPRK come from those who are well-versed in English and enter the conversation having well researched their target," said Jamf Threat Labs researchers.
