Watch Out for This New LinkedIn Job Scam

Job recruiting campaigns are just the latest internet channel that hackers are using to lure in victims.

Malware researchers have uncovered a fake job recruiting operation that is targeting LinkedIn users.

This latest recruiting-themed lure has been devised by “actors affiliated with North Korea.” It is one of many from the rogue nation to be added to your list of LinkedIn scams to avoid.

Fake Recruiting

The scam kicks off as a job recruiting campaign. When LinkedIn users reply, they get sent a ZIP file “that contained COVERTCATCH malware disguised as a Python coding challenge,” explain researchers Robert Wallace, Blas Kojusner, and Joseph Dobson from Google-owned Mandiant.

This is their way in, as the malware then compromises the victim’s MacOS system by downloading a second-stage payload.

 

About Tech.co Video Thumbnail Showing Lead Writer Conor Cawley Smiling Next to Tech.co LogoThis just in! View
the top business tech deals for 2024 👨‍💻
See the list button

This “establishes persistence” or allows the hackers to maintain access using Launch Agents – programs that run automatically when a Mac users logs in – and Launch Daemons – the files that interact with a Mac’s service management framework.

One of Many Scams to Watch Out For

TheHackerNews adds that this is one of many recruiting scams being deployed from North Korea at the moment. Others include Operation Dream Job and Contagious Interview.

The report notes that attacks based around recruiting have also been used to deliver malware families such as RustBucket and KANDYKORN. One malicious PDF was disguised as a job description for a “VP of Finance and Operations” at a well-known cryptocurrency exchange. When opened, it dropped RustBucket, which is a second-stage malware.

FBI Warns of Sophisticated Attacks

The Financial Times reported in February that North Korean cyber criminals are now turning to AI tools like ChatGPT to target everyone from Government bodies to private individuals.

Erin Plante, vice-president of investigations at blockchain data platform Chainalysis, told the newspaper: “The attacks are getting very sophisticated – we are not talking about a badly worded email that says ‘click on this link. These are detailed profiles on LinkedIn and other social media platforms, which they use to build relationships over weeks and months.”

On September 3, the FBI released a stark warning to people working in the crypto-industry that North Korean scammers were targeting them.

In an alert, the organization writes that: “The Democratic People’s Republic of Korea (“DPRK” aka North Korea) is conducting highly tailored, difficult-to-detect social engineering campaigns against employees of decentralized finance, cryptocurrency, and similar businesses to deploy malware and steal company cryptocurrency.”

It warned that even the canniest of employees could be tripped up. “The actors may reference personal information, interests, affiliations, events, personal relationships, professional connections, or details a victim may believe are known to few others,” the FBI said.

Similar tactics have been used on LinkedIn but the scammers are also simply preying on people who are looking for a new job with what looks like something completely innocent.

Always lead with suspicion, use antivirus software and, if it seems too good to be true, it is.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:
Katie has been a journalist for more than twenty years. At 18 years old, she started her career at the world's oldest photography magazine before joining the launch team at Wired magazine as News Editor. After a spell in Hong Kong writing for Cathay Pacific's inflight magazine about the Asian startup scene, she is now back in the UK. Writing from Sussex, she covers everything from nature restoration to data science for a beautiful array of magazines and websites.
Explore More See all news
Back to top
close Building a Website? We've tested and rated Wix as the best website builder you can choose – try it yourself for free Try Wix today