This article was published on July 31, 2020

North Korean hackers phish for victims with ‘too good to be true’ job offers

The targets were aerospace and defense firms

North Korean hackers phish for victims with ‘too good to be true’ job offers

Times are tough, but don’t let malicious recruiters trick you with job offers too good to be true: North Korean hackers might be luring you into disclosing your private details with tempting career opportunities.

An investigation by McAfee found that North Korean actors have been actively posing as recruiters over the past couple of months in hopes of infiltrating the networks of aerospace and defense firms on multiple continents, CyberScoop reports. The researchers have uncovered a months-long spying campaign that purportedly spread malware across the US and Europe.

It remains unclear how successful the campaign has been so far, but the suspected attackers have been targeting potential victims with emails containing malicious Microsoft Word documents with attractive career opportunities involving active defense contracts. McAfee warns the goal is to inject code which makes it possible to extract further data.

According to the researchers, the campaign is still active.

Curiously, this isn’t the first time North Korea has targeted victims with fake job offers. As CyberScoop points out, a 2018 criminal complaint from the Department of Justice implicated state-sponsored actors in attempting to breach Lockheed Martin with the same ruse.

The trick didn’t work that time, but as the researchers have demonstrated, North Korean hackers haven’t quite given up just yet.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with