北韓 Lazarus 駭客在惡意軟體活動中針對 LinkedIn 用戶

North Korea's Lazarus Hackers: LinkedIn's Latest Victims in Targeted Malware Attacks

北韓的 Lazarus 駭客：LinkedIn 針對性惡意軟體攻擊的最新受害者

In a sinister twist, the notorious North Korean hacker group Lazarus has turned its predatory gaze upon LinkedIn, the professional networking platform, in a brazen attempt to steal confidential information and crypto assets from unsuspecting users. This latest campaign underscores the group's relentless pursuit of illicit gains and its growing sophistication in exploiting vulnerabilities.

一個險惡的轉折是，臭名昭著的北韓駭客組織 Lazarus 將掠奪性的目光轉向了專業網路平台 LinkedIn，厚顏無恥地試圖從毫無戒心的用戶那裡竊取機密資訊和加密資產。這項最新活動凸顯了該組織對非法收益的不懈追求以及利用漏洞的日益成熟。

According to blockchain security firm SlowMist, Lazarus hackers masquerade as blockchain developers seeking employment in the cryptocurrency industry on LinkedIn. By posing as legitimate candidates, they establish contact with potential victims and feign interest in their professional credentials.

據區塊鏈安全公司 SlowMist 稱，Lazarus 駭客偽裝成區塊鏈開發人員，在 LinkedIn 上尋求加密貨幣行業的就業機會。透過冒充合法候選人，他們與潛在受害者建立聯繫，並假裝對他們的專業資格感興趣。

Once trust is established, the hackers request access to their victims' repository to run "relevant code" ostensibly for the purpose of assessing their technical abilities. However, these code snippets conceal malicious payloads that surreptitiously steal sensitive information, which is then leveraged to pilfer assets.

一旦建立信任，駭客就會要求訪問受害者的儲存庫以運行“相關程式碼”，表面上是為了評估他們的技術能力。然而，這些程式碼片段隱藏了惡意有效負載，秘密竊取敏感訊息，然後利用這些資訊竊取資產。

LinkedIn, a platform frequented by professionals seeking job opportunities and networking, has unwittingly become a breeding ground for Lazarus hackers. In a similar incident last December, the group posed as Meta recruiters, luring unsuspecting victims into downloading malware-laced coding challenges.

LinkedIn 是尋求工作機會和人際網絡的專業人士經常光顧的平台，卻在不知不覺中成為了 Lazarus 駭客的溫床。在去年 12 月的類似事件中，該組織冒充 Meta 招募人員，引誘毫無戒心的受害者下載帶有惡意軟體的編碼挑戰。

The infamous Lazarus hacking group, active since 2009, has amassed a staggering $3 billion in stolen crypto assets, solidifying its status as one of the most formidable and organized cybercrime syndicates. Its penchant for innovation in targeting and stealing funds continues to outpace law enforcement efforts.

臭名昭著的 Lazarus 駭客組織自 2009 年以來一直活躍，已積累了價值 30 億美元的被盜加密資產，鞏固了其作為最強大、最有組織的網路犯罪集團之一的地位。它在瞄準和竊取資金方面的創新熱衷於繼續超過執法部門的努力。

In August 2023, Lazarus hackers executed a meticulously planned scheme using fake job interviews to siphon $37 million from crypto payment firm CoinPaid. By enticing individuals with lucrative salary offers, the hackers attempted to infiltrate CoinsPaid's infrastructure and gain access to sensitive information.

2023 年 8 月，Lazarus 駭客執行了一項精心策劃的計劃，利用虛假工作面試從加密支付公司 CoinPaid 竊取了 3700 萬美元。透過以豐厚的薪資誘惑個人，駭客試圖滲透 CoinsPaid 的基礎設施並獲取敏感資訊。

North Korea's reliance on Lazarus hackers for funding its military operations is well-documented. Crypto mixing services facilitate the laundering of stolen funds back to the rogue regime, enabling it to evade sanctions and finance its illicit activities.

北韓依賴 Lazarus 駭客為其軍事行動提供資金是有據可查的。加密貨幣混合服務有助於將被盜資金洗回流氓政權，使其能夠逃避制裁並為其非法活動提供資金。

Despite their notoriety, crypto firms have proven resilient against Lazarus's relentless attacks. The decentralized nature of blockchain technology allows crypto platforms to track and block stolen assets once they are identified. In February 2023, Huobi and Binance successfully froze $1.4 million worth of crypto assets linked to North Korea. Similarly, $63 million worth of assets associated with the Harmony Bridge hack were intercepted by crypto exchanges.

儘管聲名狼藉，但事實證明，加密貨幣公司能夠抵禦 Lazarus 的無情攻擊。區塊鏈技術的去中心化性質允許加密平台在識別被盜資產後追蹤並阻止它們。 2023 年 2 月，火幣和幣安成功凍結了價值 140 萬美元的與北韓相關的加密資產。同樣，與 Harmony Bridge 駭客攻擊相關的價值 6,300 萬美元的資產被加密貨幣交易所攔截。

The Lazarus group's audacious exploitation of LinkedIn highlights the evolving landscape of cybercrime and the need for vigilance among professionals. By masquerading as legitimate job seekers, the hackers have breached the trust of unsuspecting victims, demonstrating their willingness to infiltrate even the most secure platforms.

Lazarus 組織對 LinkedIn 的大膽利用凸顯了網路犯罪不斷變化的格局以及專業人士保持警惕的必要性。透過偽裝成合法求職者，駭客破壞了毫無戒心的受害者的信任，表明他們願意滲透甚至最安全的平台。

As the Lazarus group continues to refine its tactics and expand its reach, collaboration between law enforcement agencies, blockchain security firms, and crypto exchanges will be crucial in combating their illicit activities. By sharing intelligence, deploying advanced detection mechanisms, and freezing stolen assets, the international community can disrupt Lazarus's operations and protect the integrity of the digital ecosystem.

隨著拉撒路集團不斷完善其策略並擴大其影響範圍，執法機構、區塊鏈安全公司和加密貨幣交易所之間的合作對於打擊其非法活動至關重要。透過共享情報、部署先進的檢測機制和凍結被盜資產，國際社會可以擾亂 Lazarus 的運作並保護數位生態系統的完整性。