North Korean hackers linked to the $1.4 billion Bybit exploit are reportedly targeting crypto developers using fake recruitment tests infected with malware.
Cybersecurity outlet The Hacker News reported that crypto developers have received coding assignments from malicious actors posing as recruiters. The coding challenges have reportedly been used to deliver malware to unsuspecting developers.
Malicious actors approach crypto developers on LinkedIn and tell them about fraudulent career opportunities. Once they convince the developer, the hackers send a malicious document containing the details of a coding challenge on GitHub. If opened, the file installs stealer malware capable of compromising the victim’s system.
The scam is reportedly run by a North Korean hacking group known as Slow Pisces, also referred to as Jade Sleet, Pukchong, TraderTraitor and UNC4899.
Cybersecurity professionals warn of fraudulent job offers
Hakan Unal, senior security operations center lead at security firm Cyvers, told Cointelegraph that the hackers often