North Koreans Creating Fake Applications to Land Crypto Jobs, Says Researchers

Cybersecurity experts claim North Korean hackers are posing as job applicants for crypto jobs in wealthy countries to fund government operations.

So-called North Korean software developers are scraping LinkedIn and job site Indeed to steal profile information from legitimate applicants to apply for jobs at U.S. crypto firms.

Security researchers at the cybersecurity firm Mandiant found an application from a supposed software developer that matched the semantics of an existing profile.

Researchers say the North Koreans can get a head start on emerging cryptocurrency trends from cryptocurrency firms if employed, giving them cutting-edge tools to evade sanctions imposed on Pyongyang. In other words, firms could face potential danger from insiders.

Tentacles continue to spread

But the tactics don’t stop there. Analysts say North Koreans are finding novel ways to find a position from which they can send money back home. Some applicants claim to have authored a whitepaper about a cryptocurrency exchange Bibox. Another pretended to be a senior software developer at a blockchain consultancy firm. Researchers also found freelance positions at certain undisclosed crypto firms filled by North Koreans.

They have also seeded the popular software repository site GitHub with questions, as the site is a nerve center for discussing trends in the cryptocurrency industry and is a hub of collaboration between software developers.

In May, the U.S. government issued guidance on information technology workers from North Korea. The note warned American employers that the communist state dispatches skilled IT workers to generate income for developing weapons of mass destruction. In-demand skill-sets such as app and software development are being filled by North Koreans that pretend to be of a different nationality. Popular pseudo-nationalities include South Korean, Chinese, Japanese, and eastern European. While many of these jobs are legitimately carried out, the U.S. government explained that some freelancers had exploited access to sensitive data to feed the regime back home.

Lazarus Group joins the fray

According to Alphabet Inc.’s Google, North Korean hackers are suspected of having hacked career site Indeed.com to collect applicant data that can be used to strike up conversations that eventually lead to a breach of applicants’ machines, according to Ryan Kalember from Proofpoint Inc. He added that fake websites are becoming increasingly convincing.

Hackers from the notorious collective known as the Lazarus Group sent bogus emails offering people jobs at Lockheed Martin. The emails used social engineering methods that appealed to people’s egos and contained seemingly-innocent attachments laced with malicious code.

The Lazarus Group is also suspected of being behind the $600 million-plus hack of the Ronin sidechain used in the NFT game Axie Infinity earlier this year.

Researchers at Mandiant suggest that North Korea’s focus on end-users, crypto businesses, and sidechains comes after traditional financial institutions hardened their cybersecurity to avoid becoming victims of illicit fund flows.

What do you think about this subject? Write to us and tell us!

The post North Koreans Creating Fake Applications to Land Crypto Jobs, Says Researchers appeared first on BeInCrypto.

Earning Passive Income With Crypto

Related Posts

SHIB Metaverse: How Will it Impact the Price of Shiba Inu?

SHIB Metaverse: Shiba Inu is one of the best-known cryptocurrencies on the market, and was launched in August 2020. A little over 5 months ago, it announced…

PoW Miners Rake in Profits Mining ETH Until the End, Ethash Networks Expect a Boost, JPMorgan Strategists Say ETC Could Benefit

In just over a month’s time, The Merge is likely to be implemented on the Ethereum blockchain and the network’s proof-of-work (PoW) miners will be forced to…

Another Stablecoin Depegs From USD Parity, Polkadot-Based AUSD Loses 98% in Value

2022 has been the year of broken stablecoins as a myriad of dollar-pegged crypto assets depegged from their dollar value this year. On August 14, the Polkadot-based…

Weekly NFT Sales Show Improvement, Fantom and Immutable X NFT Volume Spikes

Non-fungible token (NFT) sales managed to climb higher during the last seven days than the previous week’s overall sales. This week’s NFT sales managed to jump over…

Aave Responds to Blocking Addresses Over Tornado Cash Clampdown

DeFi lending protocol Aave Protocol said the TRM API on its app was responsible for blocking addresses that received ETH from unknown sources through Tornado Cash. In…

Brazilian Crypto Investment Platform Bluebenx Stops Withdrawals Under Hack Allegations

Bluebenx, a Brazil-based cryptocurrency investment platform, suspended withdrawals last week due to an alleged hack that made the company lose more than $31 million. The company announced…