Summary: The North Korean Lazarus hacking group has innovated its attack techniques, now employing ‘ClickFix’ tactics to target job seekers in the cryptocurrency sector, specifically in centralized finance roles. This method, part of an ongoing campaign known as ‘Contagious Interview,’ utilizes fake website errors to prompt victims to download malware disguised as legitimate fixes. By impersonating well-known companies, Lazarus increases the likelihood of success in their social engineering efforts.
Affected: Cryptocurrency companies, job seekers in centralized finance (CeFi)
Keypoints :
- Lazarus uses ‘ClickFix’ tactics to distribute malware targeting non-technical roles in cryptocurrency firms.
- The malware, ‘GolangGhost,’ is activated through fake errors during supposed remote interviews.
- Employers and candidates must remain vigilant and verify interview invitations to avoid malware infections.