North Korean hackers are targeting this huge crypto exchange

North Korean hackers are attempting to lure in cryptocurrency experts via bogus job offers for crypto exchange platform Coinbase. As reported by Bleeping Computer, a campaign orchestrated by the well known North Korean Lazarus hacking group has been uncovered, and its target is those involved in the increasingly popular fintech (financial technology) industry.

A depiction of a hacker breaking into a system via the use of code.Getty Images

In what is clearly part of a social engineering attack, the hacking group engages in conversation with targets through LinkedIn, which ultimately culminates in a job offer being presented to the potential victim. Coinbase is a leading cryptocurrency exchange company, so, at face value, many who are not privy to the attack will naturally be interested in adding them to their resumes.

However, if the attack were to succeed, then the consequences could lead to untold amounts of crypto wallets being seized and stolen. Hossein Jazi, who works as a security researcher at internet security firm Malwarebytes and has been analyzing Lazarus since February 2022, said individuals from the cybergang are masquerading as employees from Coinbase. The scam attracts potential victims by approaching them to fill the role of “Engineering Manager, Product Security.”

If that individual falls for the fake job offer, then they’ll eventually be given instructions to download a PDF explaining the job in full. However, the file itself is actually a malicious executable utilizing a PDF icon to trick people. The file itself is called “Coinbase_online_careers_2022_07.exe,” which seems innocent enough if you didn’t know any better.

But while it opens a fake PDF document created by the threat actors, it also loads malicious DLL codes onto the target’s system.

A fake job offer for Coinbase in the form of a PDF.Bleeping Computer/@h2jazi

After it’s successfully deployed onto the system, the malware will then make use of GitHub as a central command center in order to receive commands, after which it has free rein to carry out attacks on devices that have been breached. U.S. intelligence services have previously issued warnings regarding Lazarus’ activity in issuing cryptocurrency wallets and investment apps infected with trojans, effectively allowing them to steal private keys. And the group’s efforts have been lucrative, to say the least — the FBI found that it had stolen cryptocurrency with a value of over £617 million at the time.

This particular attack, which is connected to a blockchain-based game, materialized due to another deceptive PDF file, which was sent as a job offer to one of the blockchain’s engineers. Once the file was opened, the individual’s system was infected, subsequently paving the way for Lazarus to locate a security flaw and take advantage of it in a big way. In any case, the prospect is a scary one: opening a single PDF file leading to the entire network being compromised.

In the case of Coinbase, which handles billions of dollars in crypto transactions, one can only imagine what the outcome and financial ramifications would be if Lazarus indeed manages to find a way in.

For the time being, if you’re approached by Coinbase in any capacity, it might be a good idea to be cautious of opening any files.

Editors’ Recommendations

Tags:

ala-insurance listed on couponmatrix.ukelf-cosmetics listed on couponmatrix.ukikrush listed on couponmatrix.ukoxygen-freejumping listed on couponmatrix.ukpretty-little-thing listed on couponmatrix.uktravelodge listed on couponmatrix.uk
ala-insurance listed on couponmatrix.ukALA offer superb-value GAP insurance, that's far better value than most dealers will offer you. In the unfortunate event of your vehicle being written off and the sum your insurer pays you not covering the finance agreement you originally took out, you'll need extra cash from somewhere to make up the balance. A decent policy won't come cheap, but by pairing up the ALA discount code with one of their plans you can enjoy complete peace of mind and happy motoring with a policy underwritten by an A-rated insurer.
elf-cosmetics listed on couponmatrix.ukElf Cosmetics was created with the philosophy in mind that all beauty comes from within, and by using the perfect cosmetics, you can help to capture the true essence of who you are - on the inside and the outside. So why not indulge in quality ingredients for less with an elf discount code, and take your beauty regime to the next level. Designed to give you more confidence in yourself and in your look, you can let your beauty shine with Elf.
ikrush listed on couponmatrix.ukForever crushing on the latest fashion trends? Look no further than iKrush to make all your sartorial dreams come true! Grab an iKrush discount code from us to cut the cost of eye-catching clothing, and whether your everyday style needs an update or you need a special occasion outfit that packs a punch, you won’t have to blow your budget. From glamorous dresses in every colour of the rainbow to stunning accessories for getting your details on point, you can dress to impress from head-to-toe with iKrush in your corner.
oxygen-freejumping listed on couponmatrix.ukBounce, spin and flip your way through hours of fun at Oxygen Freejumping, the trampoline park for people of all ages. With four unique and colourful parks to enjoy throughout the country, find your local freejumping centre and get a great deal on your first booking with an Oxygen Freejumping promo code. With kids classes, annual passes and enough capacity for parties, it’s the perfect spot to bounce off some steam.
pretty-little-thing listed on couponmatrix.ukDress bold and make yourself known with Pretty Little Thing, the woman’s fashion brand that has no trouble turning heads. From cosy faux fur coats to delicate dresses that you’ll adore, you’ll have no shortage of fine threads to get for less with the latest Pretty Little Thing discount code. By constantly inventing new seasonal styles that liven up any wardrobe, Pretty Little Thing ensures it’s always setting rather than following the trend.
travelodge listed on couponmatrix.ukTravel on a budget with Travelodge for a holiday that’s easier on your credit card. From Bristol to Barcelona, there are over 590 Travelodge hotels dotted across the UK, Ireland and Spain, so there’s an affordable stay guaranteed wherever you’re travelling. Room rates start from an incredible £32 or less and amenities like free WiFi and the famous Travelodge breakfast are hard to pass up – families will especially love the free breakfast for kids! Book your room with a Travelodge discount code from Groupon to take the cost down further. We’re tracking all the best Travelodge offers to help budgeters make the most of their break, including exclusive discount codes and gift cards with bookings, so check our page to nab a premium room at the best price. With a Travelodge in every city and so many ways to save, nothing tops Travelodge on affordability, convenience and great value for money.