Tampa Tech Wire - News and Technology From Around The Bay                  

Alert from Microsoft: Fraudulent Skills Assessment Sites Targeting IT Job Seekers

Sapphire Sleet's LinkedIn attacks escalate. Malicious domains and recruiting lure tactics.

A sub-cluster within the infamous Lazarus Group has established new infrastructure that impersonates skills assessment portals as part of its social engineering campaigns.

Microsoft attributed the activity to a threat actor it calls Sapphire Sleet, describing it as a “shift in the persistent actor’s tactics.”

Sapphire Sleet, also called APT38, BlueNoroff, CageyChameleon, and CryptoCore, has a track record of orchestrating cryptocurrency theft via social engineering.

Earlier this week, Jamf Threat Labs linked the threat actor to a new macOS malware family called ObjCShellz, which is assessed to be a late-stage payload delivered in connection with another macOS malware known as RustBucket.

“Sapphire Sleet typically finds targets on platforms like LinkedIn and uses lures related to skills assessment,” the Microsoft Threat Intelligence team said in a series of posts on X (formerly Twitter).

“The threat actor then moves successful communications with targets to other platforms.”

The tech giant said past campaigns mounted by the hacking crew involved sending malicious attachments directly or embedding links to pages hosted on legitimate websites like GitHub.

However, the swift detection and deletion of these payloads may have forced Sapphire Sleet to flesh out its own network of websites for malware distribution.

“Several malicious domains and subdomains host these websites, which entice recruiters to register for an account,” the company added. “The websites are password-protected to impede analysis.”

November 12, 2023
