You've successfully subscribed to INFIMA Security
Great! Next, complete checkout for full access to INFIMA Security
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.

LinkedIn Recruiter? Or North Korean Hacker?

North Korean hackers elevated attacks on drugmakers in recent weeks.

Such a fine line, right??

Is it a legitimate recruiter wanting to share a promising new job offer?
Or is it one of Kim Jong Un's army of well-trained North Korean hackers baiting you to click on a malicious email attachment?

The hackers posed as recruiters on networking site LinkedIn and WhatsApp to approach AstraZeneca staff with fake job offers.

North Korea is amongst a number of countries, including Russia and China, attempting to hack Coronavirus vaccine makers.

In this case, the cyber con-artists targeted AstraZeneca, the British drugmaker that recently announced promising results from COVID-19 vaccine trials.

Wait, so back to how this whole attack started...

The hackers targeted a "broad set of people" from the drugmaker with LinkedIn messages, purporting to be recruiters. And with the state of the world, it's not hard to believe that recruiters are feverishly active in finding talent in the vaccine industry right now.

Cyberattacks against health bodies, vaccine scientists and drugmakers have soared during the COVID-19 pandemic.

A well-crafted message from a recruiter can easily pass the believability test for these "candidates."

Next, the "recruiter" sends the "candidate" an email with important job and interview details attached.

Again, believable, right?

And that email attachment is exactly where the malicious code resides, ready to be unleashed when the "candidate" downloads the file.

We're in a crazy world! And these attackers feast on chaos and confusion all around.

The good news is that these hacks can be stopped!

The first step is training your team to avoid the initial Phishing email, the ones these healthcare organizations are getting every single day.

Are you ready to take action?
We make it easy to protect your team from attacks just like this one. Find out how to protect your team with INFIMA's Automated Security Awareness platform.

Start with a quick quote - hit us up here! (No sales call necessary!)

Shout out to Reuters for a great article on this.

Joel Cahill

Cybersecurity enthusiast. Entrepreneur.