Hiring Fraud | Breaking Cybersecurity News | The Hacker News

A joint investigation led by Mauro Eldritch, founder of BCA LTD , conducted together with threat-intel initiative NorthScan and ANY.RUN , a solution for interactive malware analysis and threat intelligence, has uncovered one of North Korea's most persistent infiltration schemes: a network of remote IT workers tied to Lazarus Group's Famous Chollima division. For the first time, researchers managed to watch the operators work live , capturing their activity on what they believed were real developer laptops. The machines, however, were fully controlled, long-running sandbox environments created by ANY.RUN. The Setup: Get Recruited, Then Let Them In Screenshot of a recruiter message offering a fake job opportunity The operation began when NorthScan's Heiner García impersonated a U.S. developer targeted by a Lazarus recruiter using the alias "Aaron" (also known as "Blaze"). Posing as a job-placement "business," Blaze attempted to hire the fake developer as a frontman; a known Choll...