North Korea's Lazarus Hackers: LinkedIn's Latest Victims in Targeted Malware Attacks
In a sinister twist, the notorious North Korean hacker group Lazarus has turned its predatory gaze upon LinkedIn, the professional networking platform, in a brazen attempt to steal confidential information and crypto assets from unsuspecting users. This latest campaign underscores the group's relentless pursuit of illicit gains and its growing sophistication in exploiting vulnerabilities.
According to blockchain security firm SlowMist, Lazarus hackers masquerade as blockchain developers seeking employment in the cryptocurrency industry on LinkedIn. By posing as legitimate candidates, they establish contact with potential victims and feign interest in their professional credentials.
Once trust is established, the hackers request access to their victims' repository to run "relevant code" ostensibly for the purpose of assessing their technical abilities. However, these code snippets conceal malicious payloads that surreptitiously steal sensitive information, which is then leveraged to pilfer assets.
LinkedIn, a platform frequented by professionals seeking job opportunities and networking, has unwittingly become a breeding ground for Lazarus hackers. In a similar incident last December, the group posed as Meta recruiters, luring unsuspecting victims into downloading malware-laced coding challenges.
The infamous Lazarus hacking group, active since 2009, has amassed a staggering $3 billion in stolen crypto assets, solidifying its status as one of the most formidable and organized cybercrime syndicates. Its penchant for innovation in targeting and stealing funds continues to outpace law enforcement efforts.
In August 2023, Lazarus hackers executed a meticulously planned scheme using fake job interviews to siphon $37 million from crypto payment firm CoinsPaid. By enticing individuals with lucrative salary offers, the hackers attempted to infiltrate CoinsPaid's infrastructure and gain access to sensitive information.
North Korea's reliance on Lazarus hackers for funding its military operations is well-documented. Crypto mixing services facilitate the laundering of stolen funds back to the rogue regime, enabling it to evade sanctions and finance its illicit activities.
Despite Lazarus's notoriety, crypto firms have proven resilient against its relentless attacks. The decentralized nature of blockchain technology allows crypto platforms to track and block stolen assets once they are identified. In February 2023, Huobi and Binance successfully froze $1.4 million worth of crypto assets linked to North Korea. Similarly, $63 million worth of assets associated with the Harmony Bridge hack were intercepted by crypto exchanges.
The Lazarus group's audacious exploitation of LinkedIn highlights the evolving landscape of cybercrime and the need for vigilance among professionals. By masquerading as legitimate job seekers, the hackers have breached the trust of unsuspecting victims, demonstrating their willingness to infiltrate even the most secure platforms.
As the Lazarus group continues to refine its tactics and expand its reach, collaboration between law enforcement agencies, blockchain security firms, and crypto exchanges will be crucial in combating their illicit activities. By sharing intelligence, deploying advanced detection mechanisms, and freezing stolen assets, the international community can disrupt Lazarus's operations and protect the integrity of the digital ecosystem.