Warning for millions of iPhone and Android owners – popular app has huge danger

NORTH Korean hackers are posing as LinkedIn recruiters to distribute hacked versions of software to unsuspecting victims.

According to security researchers at Microsoft, a number of major U.S. organisations have been targeted using the sneaky technique.

1

Those groups include major players in the media, defence and aerospace, and IT services industries, Microsoft said on Thursday.

Microsoft pinned the blame on members of Lazarus, one of North Korea’s most notorious state-sponsored hacking groups.

Its list of high-profile hacks includes an ingenious cyber heist on the Central Bank of Bangladesh in 2016 that stole $81million.

Lazarus is also believed to have been responsible for the spread of the WannaCry ransomware in 2017 that shut down parts of the NHS.

According to Microsoft, the group is now hunting down its next target using fake LinkedIn profiles.

An attacker poses as a recruiter on the business-oriented social network and sends employees of a major firm a direct message.

Posing as a LinkedIn recruiter, they build trust with the victim and encourage them to move over to WhatsApp.

Once they’ve established a chat there, they send over a fake version of popular open source software containing a virus.

Open source software is a computer programme that anyone can use or modify for free, and is popular in tech-savvy industries such as IT.

The attackers’ software includes dodgy versions of PuTTY, KiTTY, TightVNC, Sumatra PDF Reader, and muPDF/Subliminal Recording software installer. 

Once downloaded, it releases North Korean malware that infects the victim’s computer, Microsoft said.

The U.S. tech giant said the purpose of the attacks appears to be cyberespionage and attempts to steal money or data.

It could also be corporate network sabotage, Microsoft added.

It’s a state-sponsored version of a common form of cyber attack called a phishing attack.

Phishing attacks lure victims to click on a website or download a file that appears to be from a trusted entity, such as a bank, social media platform or other service.

The website, however, is phoney with fake content designed to persuade a victim to enter sensitive information, like a password or email address.

It’s important to only access websites or files sent to you by people you trust.

Best Phone and Gadget tips and hacks

Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…

We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]