Lazarus Group is the perpetrator of many of the most costly crypto hacks of 2022. The outfit was alleged to have completed the Ronin (RON-USD) hack, which drained the network of over $625 million in assets. Not two months later, it would be back. The group hacked the Harmony Network (ONE-USD) for $100 million.
Crypto theft is getting far more complex, and a group like Lazarus is adept at what it does. It also has plenty of resources, since it is a group with backing from the North Korean government. Experts believe that Lazarus’s “earnings” help to fund the North Korean state’s nuclear weapons program.
But sometimes, even when hackers are capable of doing something sophisticated, it’s easier to just stick with the basics. Blockchain security company CertiK said in its mid-year damage report that phishing scams and the like are on the rise. These scams don’t take much skill at all, and yet, they are becoming a go-to for thieves. It seems that even Lazarus is leaning into this trend. However, it’s doing so not by going to the victims, but by letting victims come to them.
Crypto.com is the name and brand exploited by the Lazarus Group’s most recent crypto scheme. The company is finding its identity stolen, and the hackers are using its namesake to attract victims straight to them.
A new report suggests that the group is behind a new scheme taking place across social media platforms like LinkedIn. The group is simply posting job listings pretending to advertise Crypto.com positions. Unwitting victims download a PDF file containing details of the listing and other fake jobs at the company. Clicking the link downloads a trojan horse virus to the victim’s computer, through which Lazarus can steal personal and financial information.
It’s a type of phishing scam — a crime in which the criminal gets a user to turn over information or download a file on their own accord. But, unlike typical crypto phishing scams, this tactic employed by Lazarus doesn’t target specific users. In fact, it doesn’t have to do anything but place the job listing; victims come straight to the virus.
It’s also not the first time Lazarus has conducted a scam with this model. In early August, cybersecurity experts warned that it was conducting similar scams, though posing as Coinbase (NASDAQ:COIN) at the time. Victims can be given a sense of false security with the listings cropping up on LinkedIn as well, given the platform’s reputability and hard-line stance on security. All in all, the news does well to reiterate to investors that diligence is a necessity when operating within the crypto space. Lack of regulations means a lack of resources for investigating crimes. Thus, it’s advised that one familiarizes oneself with ways in which they may be targeted.
On the date of publication, Brenden Rearick did not have (either directly or indirectly) any positions in the securities mentioned in this article. The opinions expressed in this article are those of the writer, subject to the InvestorPlace.com Publishing Guidelines.
Brenden Rearick is a Financial News Writer for InvestorPlace’s Today’s Market team. He mainly covers digital assets and tech stocks, with a focus on crypto regulation and DeFi.
Securely connect the portfolio you’re using to start.