/* ---- Google Analytics Code Below */

Sunday, October 30, 2022

Microsoft: Hackers are Using Open Source Software, Fake Jobs in Phishing Attacks

 Not very new, except in the details. seen this before.  

ACM NEWS

Microsoft: Hackers are Using Open Source Software, Fake Jobs in Phishing Attacks

By ZDNet

September 30, 2022

Microsoft is warning that hackers are using open source software and bogus social media accounts to dupe software engineers and IT support staff with fake job offers that in reality lead to malware attacks.

A phishing-happy hacking crew linked to North Korea's armed forces has been using trojanized open-source apps and LinkedIn recruitment bait to hit tech industry employees, according to threat analysts from Microsoft's advanced persistent threat (APT) research group.

The Microsoft Threat Intelligence Center (MSTIC, pronounced 'Mystic') has seen the group using PuTTY, KiTTY, TightVNC, Sumatra PDF Reader, and the muPDF/Subliminal Recording software installer for these attack since late April, according to MSTIC's blogpost....

A security team at Microsoft-owned LinkedIn said the same actors created fake profiles to impersonate recruiters from companies in the technology, defense, and media entertainment sectors.

From ZDNet

View Full Article  

No comments: