DPRK hackers create fake LinkedIn profiles so good that even experts are fooled
North Korea’s Lazarus Group used elaborate personas and encrypted chats to break into major pharma company
In a social engineering attack against a major pharmaceutical company, North Korean hackers used a fake LinkedIn profile with hundreds of connections to trick a computer expert into running malicious code that eventually compromised the corporate network, cybersecurity firm Positive Technologies disclosed this week.
The Sept. 2020 attack described in the report closely resembles malware campaigns by the DPRK-linked Lazarus Group dubbed “Operation North Star” and “Operation Dream Job,” and stands out with a remarkably well-prepared LinkedIn profile that would be difficult to identify as malicious even by cautious employees.
“It’s clear that North Korean
- 01Silence on North Korea’s reunification committee bad sign for talks with South
- 02North Korea is stronger and more resilient than US policymakers think
- 03It’s time for rhetoric to reflect reality: North Korea sanctions don’t work
- 04Full text: Speech marks South Korean President Moon’s fourth year in office
- 05No matter what Biden does, North Korea will still accuse him of ‘hostile policy’
- 06Why South Korea’s Democrats are still the best of a bad bunch for North Korea
- 07Kim Jong Un’s battle with teen spirit, foreign media and bureaucracy goes public
- 08The US policy review is finished, but it’s same old, same old to North Korea