May 25, 2024

North Korean hackers use European privacy laws to hide malicious code

Lazarus Group suspected of a social engineering attack that uses GDPR notice on fake job offer sent via LinkedIn

In a new twist on social engineering attacks with fake job offers, hackers linked to North Korea’s Lazarus Group used the pretense of European data protection laws to gain access to targeted computers, cybersecurity firm F-Secure warned in a report published on Tuesday. 

While recent Lazarus campaigns aimed to break into defense and aerospace companies, the attack described by F-Secure specifically targeted organizations in the cryptocurrency industry. 

Become a member for less than $4 per week.

  • Unlimited access to all of NK News: reporting, investigations, analysis
  • The NK News Daily Update, an email newsletter to keep you in the loop
  • Searchable archive of all content, photo galleries, special columns
  • Contact NK News reporters with tips or requests for reporting
Get unlimited access to all NK News content, including original reporting, investigations, and analyses by our team of DPRK experts.
Subscribe now

All major cards accepted. No commitments – you can cancel any time.