Security

North Korean Hackers Target LinkedIn Jobseekers with New Malware: How to Stay Safe

10

North Korean hackers, part of the infamous Lazarus group, are targeting jobseekers on LinkedIn with a new wave of scams. Their goal? To infect victims with malware disguised as job offers. Here’s what you need to know and how to stay safe.

Malicious Job Offers on LinkedIn

Research from Bitdefender reveals a new scam within the ongoing Lazarus campaign, dubbed the Contagious Interview operation. The group is using LinkedIn as a platform to lure jobseekers with fake offers. These offers often promise well-paid, flexible remote work. But behind the enticing offers lies a malicious intent—infecting victims with malware.

What You Need to Know

  • Targeted Industries: Hackers focus on high-profile sectors like defense, aerospace, and engineering to steal sensitive information.
  • Fake Jobs: These positions typically involve remote work, cryptocurrency payments, or flexible hours to appear attractive.
  • Infected Files: Victims are tricked into downloading malware disguised as interview feedback or coding tests.

How the Scam Works

  1. Initial Contact: A scammer messages you on LinkedIn, claiming to be a recruiter.
  2. Request for Personal Info: The scammer asks for your CV or GitHub profile, potentially harvesting sensitive data.
  3. Malicious Documents: They send a “feedback” document that contains malware, infecting your device.

Warning Signs of a Scam

  • Vague job descriptions
  • Poor communication or grammar in messages
  • Unverified recruiters or profiles without credentials
north-korean-hackers-linkedin-jobseekers-malware

Stay Safe: Protect Yourself from LinkedIn Scams

To avoid falling victim to these attacks, follow these safety tips:

  • Vet Offers Carefully: Be skeptical of any job that sounds “too good to be true.”
  • Avoid Clicking Links: Do not click links in unsolicited messages or emails.
  • Verify Recruiters: Check for a LinkedIn profile with a verifiable history.
  • Use Multi-Factor Authentication: Enable extra security layers on your LinkedIn account.

Apple’s Latest Update Blocks Malware Variants

In February 2025, Apple rolled out a new patch via its Xprotect tool to block variants of the macOS FerretFamily malware. This malware has been disguised as legitimate software, including Chrome and Zoom installers, to target applicants.

Conclusion

North Korean hackers are increasingly using platforms like LinkedIn to target jobseekers, especially those in high-profile industries. By recognizing warning signs and following security best practices, you can avoid falling victim to these sophisticated scams. Stay cautious and always verify job offers carefully.

Stay in the Loop

Get the daily email from NewForTech that makes reading the news actually enjoyable. Join our mailing list to stay in the loop to stay informed, for free.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Captcha verification failed!
CAPTCHA user score failed. Please contact us!

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Recommended Article
NewForTech

Related Posts

NewForTech - Explore cutting-edge technology insights, gadget reviews, and tech guides at NewForTech. Stay ahead in the tech world.

support newfortech
Support NewForTech

© NewForTech.