Communications of the ACM
Microsoft: Hackers are Using Open Source Software, Fake Jobs in Phishing Attacks
A security team at Microsoft-owned LinkedIn said the same actors created fake profiles to impersonate recruiters from companies in the technology, defense, and media entertainment sectors.
Credit: Natee Meepian/Shutterstock
Microsoft is warning that hackers are using open source software and bogus social media accounts to dupe software engineers and IT support staff with fake job offers that in reality lead to malware attacks.
A phishing-happy hacking crew linked to North Korea's armed forces has been using trojanized open-source apps and LinkedIn recruitment bait to hit tech industry employees, according to threat analysts from Microsoft's advanced persistent threat (APT) research group.
The Microsoft Threat Intelligence Center (MSTIC, pronounced 'Mystic') has seen the group using PuTTY, KiTTY, TightVNC, Sumatra PDF Reader, and the muPDF/Subliminal Recording software installer for these attack since late April, according to MSTIC's blogpost.
From ZDNet
View Full Article
No entries found