Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Ellen Jennings-Trace

North Korean hackers target job seekers with fake interviews

Hacker silhouette working on a laptop with North Korean flag on the background.

Research has found that North Korean cyber criminals tricked unsuspecting ‘candidates’ into downloading fake Windows video conferencing applications which impersonated FreeConference.com. The campaign was labeled ‘Contagious Interview’ after being discovered by analysts.

Discovered by cyber security company ‘Group-IB’, the campaign was reportedly carried out by known threat actor ‘Lazarus’, who has been observed to have run similar operations in the past.

The attacks started through a job search platform, such as LinkedIn or Upwork. The attackers reached out to the intended target to discuss a job opportunity, and invited them to continue the discussion via Telegram. From there, the victim would be asked to download a video conferencing app FreeConference or Node.js for a trial technical task.

Elaborate schemes

Of course, these installers were fake, and the victim unknowingly downloaded malware named BeaverTail, which delivered a backdoor known as InvisibleFerreft, equipped with keylogging, remote control, and browser stealing capabilities. The FBI recently released a statement warning of efforts from North Korean hackers,

“North Korean social engineering schemes are complex and elaborate, often compromising victims with sophisticated technical acumen. Given the scale and persistence of this malicious activity, even those well versed in cybersecurity practices can be vulnerable to North Korea's determination to compromise networks connected to cryptocurrency assets.”

The Lazarus group is infamous and has reportedly been active since 2010. In that time, it has attacked a range of targets, including governments, healthcare, finance, and defense infrastructure.

As always, we recommend only downloading apps from official sources, and verifying the identity of anyone you're speaking to online. We’ve listed our picks for the best malware removal software to help keep your information safe.

Via The Hacker News

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.