San Francisco, CA | February 6, 2025 –Lazarus Group is hijacking LinkedIn job offers to hack job seekers’ crypto wallets, using JavaScript malware to steal sensitive data.
Job seekers beware! The notorious Lazarus Group, a North Korea-linked cybercriminal gang, is targeting professionals on LinkedIn, luring them with fake job offers only to drain their cryptocurrency wallets.
Cybersecurity experts at Bitdefender uncovered a sophisticated scam where unsuspecting candidates in the crypto and travel sectors receive messages about high-paying remote jobs. Once interested, victims are asked to submit their CVs, GitHub links, or project work, unknowingly exposing personal details to hackers.
This is more than a scam—it’s a full-scale cyber heist. Lazarus is evolving, using social engineering to infiltrate professionals' lives.
After gaining trust, the attacker sends a GitHub or Bitbucket repository with a malicious JavaScript stealer, disguised as a decentralized exchange (DEX) project. Once executed, it silently harvests crypto wallet data, steals browser information, and installs a backdoor for further exploitation.
The malware infects Windows, macOS, and Linux, making it a cross-platform nightmare. It doesn’t stop at stealing crypto wallets—it also logs keystrokes, monitors clipboard activity, and even deploys a hidden crypto miner on victims’ devices. A cybersecurity researcher warned:
This isn’t just about crypto—it’s about control. Victims lose more than money; they lose privacy and security.
Authorities are investigating, but LinkedIn scams are surging, proving no one is safe.
Don’t let hackers or prying eyes track your activity. With ExpressVPN, your data stays encrypted and secure.
Other News At VPNRanks
Hey, wait!
Stay informed on the latest privacy updates, cybersecurity insights, and internet freedom news by following VPNRanks news daily! As your primary resource for critical updates in online security, we ensure you’re always in the know. Make VPNRanks your go-to guide for safeguarding your digital life.
