Firm hacked after accidentally hiring North Korean cyber criminal

The person that was hired, however, faked their entire identity, including knowledge and previous experience. After being hired, the scammer accessed the company’s infrastructure and downloaded as much sensitive information as they could.

Simple scam, or something more?

The miscreant worked for four months with the company, before allegedly being fired for poor performance. After that happened, the crook threatened to release all of the stolen data on the internet, or sell it to the highest bidder. He demanded a six-figure ransom in exchange for keeping the data private.

According to the BBC, it is not known whether the company paid the ransom or not. It has not been clarified whether this was a deliberate cyberattack against the organization, a disgruntled former employee, or a “simple” scam.

This could either be a simple scam, or a disgruntled former employee taking revenge upon their former employers. However, it could be something more.

Lazarus Group, a North Korean state-sponsored threat actor, is known in the cybersecurity community for its “fake job” attacks. Usually, they would set up a fake job ad on social media and try to “hire” software developers working in high-profile organizations. During the interview process, they would trick the candidate into installing malware, gaining access to their company’s IT infrastructure.

The attack works both ways, too, since the crooks were seen targeting organizations directly, by trying to get hired. Lazarus apparently goes for people’s cryptocurrency and uses the money to fund the state’s weapons program.

More from TechRadar Pro

• North Korean Lazarus hackers are using a fake coding test to steal passwords
• Here's a list of the best firewalls today
• These are the best endpoint protection tools right now