Firm hacked after accidentally hiring North Korean cyber criminal

A company was hacked after hiring a fake IT professional from North Korea. It has not been clarified whether this was a deliberate cyberattack against the organization, a disgruntled former employee, or a “simple” scam.

The company, which was not named, operates either in the US, UK, or Australia. It sought to add an IT professional to the team, and tapped into the global talent pool. There, it found a suitable candidate, who obviously went through the hiring process and got the job.

The person that was hired, however, faked their entire identity, including knowledge and previous experience. After being hired, the scammer accessed the company’s infrastructure and downloaded as much sensitive information as they could.

Simple scam, or something more?

The miscreant worked for four months with the company, before allegedly being fired for poor performance. After that happened, the crook threatened to release all of the stolen data on the internet, or sell it to the highest bidder. He demanded a six-figure ransom in exchange for keeping the data private.

According to the BBC, it is not known whether the company paid the ransom or not.

This could either be a simple scam, or a disgruntled former employee taking revenge upon their former employers. However, it could be something more.

Lazarus Group, a North Korean state-sponsored threat actor, is known in the cybersecurity community for its “fake job” attacks. Usually, they would set up a fake job ad on social media and try to “hire” software developers working in high-profile organizations. During the interview process, they would trick the candidate into installing malware, gaining access to their company’s IT infrastructure.

The attack works both ways, too, since the crooks were seen targeting organizations directly, by trying to get hired. Lazarus apparently goes for people’s cryptocurrency and uses the money to fund the state’s weapons program.

Via BBC

North Korean Lazarus hackers are using a fake coding test to steal passwordsHere’s a list of the best firewalls todayThese are the best endpoint protection tools right now

Related posts

Oh the irony: T-Mobile launches Internet Backup plans for businesses on the day it suffered its biggest outage of 2024

GeForce Experience is dead – replaced by the Nvidia App – and good riddance

2025 could be the year of reckoning for AI as a global survey of CFOs shows rampant nervousness about ROI

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More