How North Korea uses fake crypto job ads to hack Indians

Cisco Talos reported that a North Korean hacking group called “Famous Chollima” is focusing its attacks on crypto job applicants in India. The group appears to have no direct connection to Lazarus.

Currently, it is difficult to determine whether these efforts are simple thefts or the groundwork for larger attacks. Job seekers in the crypto industry should proceed with caution.

North Korea's crypto crime continues

North Korea's Lazarus Group has a formidable reputation for crypto crime, having committed the largest hack in the industry's history. However, it is not the country's only Web3 criminal enterprise, as North Korea has a large presence in DeFi.

Cisco Talos identified some recent criminal activity in India that takes a different approach to crypto theft.

Reports indicate that Famous Chollima is not new; it has been active since mid-2014 or before. In many recent incidents, North Korean infiltrators tried to get into US-based crypto companies such as Kraken by applying to open job listings.

Famous Chollima did the reverse, attracting potential workers with fake applications.

“These campaigns include … creating fake business ads and skills design. In the end, users are directed to copy and paste a harmful command line in order to install the drivers needed to conduct the final skills test phase. (Affected users are mostly) in India,” the company claimed.

Next to Lazarus's enormous reputation, Famous Chollima's phishing efforts seem more attractive. Cisco claimed that the group's fake applications would always imitate well-known crypto companies.

These lures did not use any actual branding of real companies, and asked questions that were not related to the supposed jobs in question.

Fake Robinhood application used in the attacks. Source: Cisco Talos

Taking the bait

Victims are lured through fake recruitment sites that pose as well-known technology or crypto companies. After filling out the applications, they are invited to an interview.

During this process, the site asks them to run command-line instructions, supposedly to install video drivers, which actually download and install malware.

Once installed, PylangGhost gives the attackers full control over the victim's system. It steals login credentials, browser data and crypto wallet information, and targets more than 80 common extensions such as MetaMask, Phantom and 1Password.

Recently, after thwarting a malware attack, BitMEX claimed that Lazarus used at least two teams: a low-skill team to initially breach security protocols and a high-skill team to conduct subsequent thefts. Perhaps this is a common practice in the North Korean hacking community.

Unfortunately, it is difficult to draw any firm conclusions without speculation. Does North Korea want to hack these applicants to better pose as job seekers in the crypto industry?

Users should be wary of unsolicited job offers, avoid running unknown commands, and secure their systems with endpoint protection, MFA, and browser extension monitoring.

Always verify the legitimacy of recruitment portals before sharing any sensitive information.

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to independently verify facts and consult with a professional before making any decisions based on this content. Please note that the Terms and Conditions, Privacy Policy, and Disclaimers have been updated.


2025-06-18 22:11:00
