When the hacker Lazarus has the victim’s confidence, they add malicious links.
Clicking on these links will trigger a phishing assault.
According to security company SlowMist, LinkedIn users are being targeted by the North Korean-backed cyber-hacker group Lazarus Group, who is pretending to be an executive member of the Chinese blockchain asset management business Fenbushi Capital.
A screenshot uploaded on X by SlowMist’s chief information security officer shows the con artist using the LinkedIn handle “Nevil Bolson ” to pose as a founding partner of Fenbushi. According to 23pds, the imposter used Remington Ong’s photo for their profile. Ong is an actual partner of Fenbushi Capital.
Gaining Victims Confidence
The phony LinkedIn profile belonging to Lazarus Group is still active, searching for programmers. The fake made a LinkedIn post three weeks ago, asking for contact information so they could continue the conversation.
The impersonator would be used by Lazarus to have private LinkedIn conversations with their targets, posing as an investor, and then they would suggest scheduling a meeting. One reason the hacking organization Lazarus pretends to be an employee of an investment firm, according to SlowMist’s blog post, is because it targets well-known DeFi initiatives.
When the hacker Lazarus has the victim’s confidence, they add malicious links that seem like meeting invitations or event pages. Clicking on these links will trigger a phishing assault. According to the CISO of SlowMist, the group was able to identify “Nevil Bolson” as an affiliate of Lazarus via the use of IP address comparisons and a shared attack methodology.
An estimated half of North Korea’s foreign revenue came from state-backed crypto hacker organizations; the United Nations Security Council claims that a significant portion of this money went toward the development of nuclear weapons.
Highlighted Crypto News Today:
MetaWin Founder Launches $ROCKY Meme Coin on Base Network