Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign
Feb 05, 2025
Cryptocurrency / Data Breach
The North Korea-linked Lazarus Group has been linked to an active campaign that leverages fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver malware capable of infecting Windows, macOS, and Linux operating systems. According to cybersecurity company Bitdefender, the scam begins with a message sent on a professional social media network, enticing them with the promise of remote work, part-time flexibility, and good pay. "Once the target expresses interest, the 'hiring process' unfolds, with the scammer requesting a CV or even a personal GitHub repository link," the Romanian firm said in a report shared with The Hacker News. "Although seemingly innocent, these requests can serve nefarious purposes, such as harvesting personal data or lending a veneer of legitimacy to the interaction." Once the requested details are obtained, the attack moves to the next stage where the threat actor, under the guise of a recruiter, shares a lin...