Skip to content

Lazarus hackers target macOS users luring them with crypto dream job offers

Lazarus hackers target macOS users luring them with crypto dream job offers

The infamous North Korean hackers known as the ‘Lazarus Group’ are at it again; this time targeting unsuspecting Apple macOS users hoping to land a dream job in the cryptocurrency industry.

Specifically, in what is the latest variant of a hacking campaign dubbed ‘Operation In(ter)ception,’ the hackers have been luring macOS users with enticing job offers at crypto exchange Crypto.com, the cybersecurity company SentinelOne said on September 26.

How the attacks were carried out

In the orchestrated attack, the hackers have disguised malware as job postings from the popular crypto exchanges, using well-designed and legit-looking decoy PDF documents advertising vacancies for positions such as Art Director – Concept Art (NFT) in Singapore.

Detailing the hacker campaign, SentinelOne said that:

“Although it is not clear at this stage how the malware is being distributed, earlier reports suggested that threat actors were attracting victims via targeted messaging on LinkedIn.”

According to the company’s report, the group has done the same thing back in August 2022, but this time using the fake job postings at the Coinbase crypto exchange, as spotted by researchers at another cybersecurity firm – ESET

Malicious history of the Lazarus Group

Since 2020, the Lazarus Group has been connected with a number of enticing job offerings used to lure in their victims, including in aerospace and defense industries, in a campaign referred to as ‘Operation Dream Job’ where the primary targets were Windows users.

The group has also been involved in multiple thefts in the crypto industry, including the attack on Harmony network’s Horizon bridge in June, which forced the blockchain company to mint over 2 billion ONE tokens in an effort to compensate about 65,000 victims of the $100 million hack.

Meanwhile, the mixing service Tornado Cash has been implicated in the scandal in which the United States Treasury Department alleged that it was used by multiple hacker groups, including the Lazarus Group, to launder stolen assets, as Finbold reported.

Best Crypto Exchange for Intermediate Traders and Investors

  • Invest in cryptocurrencies and 3,000+ other assets including stocks and precious metals.

  • 0% commission on stocks - buy in bulk or just a fraction from as little as $10. Other fees apply. For more information, visit etoro.com/trading/fees.

  • Copy top-performing traders in real time, automatically.

  • eToro USA is registered with FINRA for securities trading.

30+ million Users
Securities trading offered by eToro USA Securities, Inc. (“the BD”), member of FINRA and SIPC. Cryptocurrency offered by eToro USA LLC (“the MSB”) (NMLS: 1769299) and is not FDIC or SIPC insured. Investing involves risk, and content is provided for educational purposes only, does not imply a recommendation, and is not a guarantee of future performance. Finbold.com is not an affiliate and may be compensated if you access certain products or services offered by the MSB and/or the BD

Read Next:

Finance Digest

By subscribing you agree with Finbold T&C’s & Privacy Policy

Related posts

Sign Up

or

By submitting my information, I agree to the Privacy Policy and Terms of Service.

Already have an account? Sign In

Services

Disclaimer: The information on this website is for general informational and educational purposes only and does not constitute financial, legal, tax, or investment advice. This site does not make any financial promotions, and all content is strictly informational. By using this site, you agree to our full disclaimer and terms of use. For more information, please read our complete Global Disclaimer.