Researchers are warning that Lazarus has expanded its marketing campaign utilizing pretend jobs with cryptocurrency exchanges to trick macOS customers into downloading malware.
Simply final month, researchers noticed Lazarus utilizing Coinbase job openings to trick macOS customers into downloading malware. Now, SentinelOne says the identical menace group has expanded its phishing marketing campaign to incorporate fraud job postings at one other cryptocurrency alternate, Crypto.com.
In accordance with the SentinelOne report on the brand new crypto job lure, the extra victims have been initially contacted by Lazarus by LinkedIn messaging.
Lazarus is a sophisticated persistent menace (APT) group with ties to the North Korean state. SentinelOne identified that the assault group has been focusing on cryptocurrency exchanges since 2018, and has particularly used pretend cryptocurrency alternate jobs as lures since 2020.
“The Lazarus (aka Nukesped) menace actor continues to focus on people concerned in cryptocurrency exchanges,” the SentinelOne researchers wrote. “This has been a long-running theme going way back to the AppleJeus campaigns that started in 2018.”
