Hackers Use Fake Job Offers and Open Source Software to Target IT Staff

0
264
New OrBit Malware Infects All Running Processes

Dit bericht verscheen eerder bij FOSSlife

Hackers are using open source software and fake social media accounts to trick software developers and IT staff with bogus job offers that lead to malware attacks, reports Liam Tung.

According to the Microsoft blog, “social engineering campaigns using weaponized legitimate open source software” have been observed from a North Korean group known as ZINC. “The Microsoft Threat Intelligence Center (MSTIC) observed activity targeting employees in organizations across multiple industries including media, defense and aerospace, and IT services in the US, UK, India, and Russia.” 

MSTIC observed ZINC weaponizing “a wide range of open source software including PuTTY, KiTTY, TightVNC,” and more, Tung says. “Mandiant threat analysts also saw the group spear-phishing targets in the tech and media sectors with bogus job offers in July, using WhatsApp to share a trojanized instance of PuTTY.”

Read more at ZDNet.

Dit bericht verscheen eerder bij FOSSlife

Vorig artikelStorPool takes its software-defined storage to the AWS cloud
Volgend artikelNatural History Museum partners with AWS for biodiversity research push