Cyber Espionage on LinkedIn

From Privacy Wiki
Jump to navigation Jump to search
Cyber Espionage on LinkedIn
Short Title Cybercriminals Posed As Recruiters On LinkedIn to Send Malware
Location Global
Date July 2020

Taxonomy Insecurity, Decisional Interference
Information Professional, Behavioral
Threat Actors LinkedIn, North Korean hacking group Lazarus

Affected Employees at the defense companies
High Risk Groups
Secondary Consequences

By posing as recruiters on LinkedIn, hackers have been able to commit cyber espionage.


In July 2020, cybercriminals — believed to be affiliated with the North Korean government — posed as recruiters working at the U.S. defense groups Collins Aerospace and General Dynamics in order to break into the networks of European defense companies.Insecurity

In order to compromise their targets, the cyber attackers made use of social engineering tactics over LinkedIn against various European defense companies in a process that saw them hide behind the “ruse” of “attractive, but bogus”, job offers. The actions of hackers can be seen as Decisional Interference.

Once they had piqued the interest of the employees at the defense companies, the malware was sent over LinkedIn’s chat application under the guise of being documents relating to a new occupational position.

While researchers were unable to reveal the identity of the attackers responsible for the cyber espionage attempts, it did tentatively point to the high-profile North Korean hacking group Lazarus.

Risk Statistics

Laws and Regulations