When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
Lazarus has been creating fake LinkedIn accounts and posting fake job ads across the internet for years.
They offer their victims, often developers, enticing packages, high salaries, and plenty of perks.
This time around, it is the Capital One bank.
Then, they would host the malware on GitHub, masquerading it as a password manager project.
After that, they would find suitable victims, and at one point - ask to test their skills.
The test includes downloading and installing the password manager, and then hunting for bugs.
The entire thing must be finished within half an hour.
The campaign is dubbed VMConnect campaign and its been active since August 2023, more than a year now.
ReversingLabs believe the campaign is still ongoing.
One of Lazarus biggest heists netted them more than half a billion dollars.
ViaBleepingComputer
