Avast ye! Aye, be on guard, mateys! That sought-after booty o' a job offer might just be a treacherous malware scheme, arr!
2023-08-04
Arrr, me hearties! Avast ye! The scurvy dogs at ESET be warnin' us that these landlubber hackers be usin' deceitful PDFs as letters o' job offers, just like the ones from honest companies. Curse their black hearts!
The software company ESET has revealed that hackers are now trying to trick people looking for employment by giving them excellent job offers that are actually fake. Those who have experience with the operating system Linux are the initial targets, and the criminal hacker group Lazarus is working hard to additionally target people who work in the software or DeFi (Decentralized Finance) platform industries. We expect this threat to expand into other areas of focus. The hackers with Lazarus, which has previously been thought to be affiliated with the North Korean government, are mostly using social media sites like LinkedIn to send messages with job offers to its victims. However, the messages are simply a ploy to get the victims to download malware. In the message, the hacker will say that the job seeker has been offered a wonderful position and attaches what looks like a PDF file, stating that this is the offer agreement and that the person must download it to view the details of the newly offered job opportunity. If the person clicks the file to download it, then a fake PDF file will appear to fool them while the malware downloads a payload in the background and infects their device. Launching this malware directly at Linux means that Lazarus has officially been successful in targeting all major desktop operating systems. They overlapped with Operation In(ter)ception, which initially started with aerospace, military, and defense companies that used Windows-only tools. They then moved on to targeting macOS in July and August starting last year and have now conquered the Linux operating system as well. ESET also claims that Lazarus also attacked the 3CX Phone System back in March 2023, which is used by more than 12 million users daily, including companies like American Express, Coca-Cola, and McDonald's. With all these major companies and every main operating system at risk, cybersecurity teams are certainly going to have their work cut out for them when it comes to protecting the safety of users. As of July 2023, it has also been revealed that Lazarus is breaching Windows Internet Information Service (IIS) web servers and using them to distribute malware. IIS is Microsoft's web server solution that is mostly used for hosting websites and application services. The cybersecurity analysts at the South Korean company ASEC have reported that Lazarus has targeted the IIS server to gain access to corporate networks and distribute malware to visitors of these websites or users of the application services. Hackers are increasingly targeting individuals seeking employment by offering fake job opportunities, particularly on social media platforms like LinkedIn. This highlights the importance of being cautious, verifying the legitimacy of employers, double-checking email senders and URLs, avoiding sharing sensitive information upfront, enabling two-factor authentication, keeping software updated, and using strong, unique passwords. Additionally, installing reliable antivirus software on all devices is crucial for protection against malware and phishing attempts. By taking these precautions, you can significantly reduce your risk of falling victim to fraudulent job schemes and safeguard your personal and professional information.