Originally published on: November 28, 2024
Hackers linked to the North Korean government are reportedly expanding their social engineering operations to target large multinational information technology companies. According to researchers at the Cyberwarcon cybersecurity conference, two North Korean hacker groups, known as “Sapphire Sleet” and “Ruby Sleet,” are behind these elaborate schemes.
Sapphire Sleet is using fraudulent employment schemes to target individuals, posing as recruiters to trick victims into interviews or job offers. Once the victims are lured in, the hackers infect their computers with malware disguised as harmless files or links during the recruitment process.
On the other hand, Ruby Sleet has managed to breach aerospace and defense contractors in the US, UK, and South Korea to steal military secrets.
The report also reveals that North Korean IT workers are using advanced technologies like AI, social media, and voice-changing tools to create fake identities and infiltrate these companies for recruitment scams.
These activities have raised concerns about cryptocurrency theft, with North Korean hackers previously targeting crypto firms using similar tactics. In August, a crypto sleuth identified 21 developers believed to be North Korean working on crypto projects under false identities.
The FBI also issued a warning in September about North Korean hackers targeting crypto companies with malware disguised as job offers, leading to the theft of private keys. In October, the Cosmos ecosystem faced security concerns over a module allegedly built by North Korean developers known for their crypto theft capabilities.
As these cyber threats continue to evolve, companies in the IT and cryptocurrency sectors must remain vigilant against social engineering scams and malware attacks. Stay informed and protected against these sophisticated hacking strategies to safeguard your data and assets.
