Is your freelance IT worker actually a North Korean operative?
29.09.2023 - 17:04 / pcmag.com
Looking to work for Meta? Make sure that job offer is legit. North Korean hackers have been spotted posing as recruiters for Facebook parent company Meta to trick users into loading malware on their computers.
The findings come from antivirus provider ESET, which recently investigated a 2022 breach at an unnamed Spanish aerospace company. ESET traced the intrusion to a hacker-controlled account on LinkedIn that was impersonating a recruiter for Meta.
The suspected North Korean hackers contacted multiple employees at the Spanish aerospace company using LinkedIn Messaging. “Masquerading as a Meta recruiter, the attacker used a job offer lure to attract the target’s attention and trust,” ESET says.
The "recruiter" sent prospective employees coding challenges, or quizzes, so they could demonstrate their programming skills. But in reality, the coding challenges were malicious software packages and included a downloader designed to “deploy any desired program into the memory of the victim’s computer,” ESET says.
Once the downloader was installed, the hacker delivered two different remote-access Trojans, which can hijack access to a PC. One of those Trojans was previously used in campaigns from the notorious North Korean group Lazarus, perhaps best known for their cryptocurrency heists and the 2014 Sony Pictures hack.
ESET also notes that employees who fell for the scheme were using “corporate computers for personal purposes.” As a result, the North Korean hackers had easy access to the Spanish aerospace company’s network. “The final goal of the attack was cyberespionage,” possibly to further North Korea’s own aerospace and nuclear weapons ambitions.
During the intrusion, the North Korean hackers also deployed a newly discovered remote-access Trojan, dubbed “LightlessCan,” which was found to be fairly sophisticated. For example, it can only be decrypted for activation on the intended victim’s PC. It’ll also mimic “the functionalities of a wide range of native Windows commands,” to hide itself from detection.
The remote-access Trojan shows Lazarus has found ways to further prevent antivirus providers from detecting their activities. “The attackers can now significantly limit the execution traces of their favorite Windows command line programs that are heavily used in their post-compromise activity,” ESET added. “This maneuver has far-reaching implications, impacting the effectiveness of both real-time monitoring solutions and of post-mortem digital forensic tools.”