Firm hacked after accidentally hiring North Korean cyber criminal
Scammer spent four months working at the company
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
A company was hacked after hiring a fake IT professional from North Korea, a new report from theBBChas claimed.
The company, which was not named, operates either in the US, UK, or Australia. It sought to add an IT professional to the team, and tapped into the global talent pool. There, it found a suitable candidate, who obviously went through the hiring process and got the job.
The person that was hired, however, faked their entire identity, including knowledge and previous experience. After being hired, the scammer accessed the company’s infrastructure and downloaded as much sensitive information as they could.
Simple scam, or something more?
The miscreant worked for four months with the company, before allegedly being fired for poor performance. After that happened, the crook threatened to release all of the stolen data on the internet, or sell it to the highest bidder. He demanded a six-figure ransom in exchange for keeping the data private.
According to the BBC, it is not known whether the company paid the ransom or not. It has not been clarified whether this was a deliberate cyberattack against the organization, a disgruntled former employee, or a “simple” scam.
This could either be a simple scam, or a disgruntled former employee taking revenge upon their former employers. However, it could be something more.
Lazarus Group, a North Korean state-sponsored threat actor, is known in the cybersecurity community for its “fake job” attacks. Usually, they would set up a fake job ad on social media and try to “hire” software developers working in high-profile organizations. During the interview process, they would trick the candidate into installingmalware, gaining access to their company’s IT infrastructure.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The attack works both ways, too, since the crooks were seen targeting organizations directly, by trying to get hired. Lazarus apparently goes for people’s cryptocurrency and uses the money to fund the state’s weapons program.
More from TechRadar Pro
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
A new form of macOS malware is being used by devious North Korean hackers
Scammers are using fake copyright infringement claims to hack businesses
Belkin’s Travel Bag for Vision Pro has pockets and is way cheaper than Apple’s own case