The Lazarus Group, a North Korean cyber threat actor, is using LinkedIn to target organizations across various sectors. The group uses social engineering to establish contact, moves the conversation to other platforms, and then tricks victims into downloading malware. This includes posing as recruiters with fake job offers that ultimately lead to malware infection. The activity highlights the risk of using LinkedIn for business purposes without proper security protocols and employee training, and shows how social media can be used to target unsuspecting users and bypass common network security measures.
The Lazarus Group, a North Korean state-sponsored hacking group, is actively targeting the nuclear industry with sophisticated malware. They are employing new tools and tactics, including trojanized VNC utilities and updated malware like ‘CookiePlus’, to infiltrate target organizations. Their attacks involve complex infection chains and modular malware, showing the group’s enhanced persistence and evasion capabilities. These attacks are aimed at espionage and financial gain.
Hyperliquid, a decentralized derivatives exchange, experienced significant outflows of over $112 million in USDC, triggering concerns about a potential security breach and the involvement of the North Korean hacking group Lazarus. Security experts have warned about Hyperliquid’s vulnerability and potential targeting by the group. Hyperliquid has denied being compromised; however, suspicious transaction activity has been observed and is currently under investigation. These events led to a sharp decline in the price of Hyperliquid’s native token.