LONDON, U.K. - Hackers posed as recruiters working for U.S. defence giants Collins Aerospace and General Dynamics on LinkedIn to break into the networks of military contractors in Europe, cybersecurity researchers said on Wednesday.
The
cyber spies were able to compromise the systems of at least two defence and
aerospace firms in Central Europe last year by approaching employees with
pseudo job offers from the U.S. firms, Slovakia-based cybersecurity firm ESET
said.
The
attackers then used LinkedIn's private messaging feature to send documents
containing malicious code which the employees were tricked into opening, said
Jean-Ian Boutin, ESET's head of threat research.
ESET
declined to name the victims, citing client confidentiality, and said it was
unclear if any information was stolen. General Dynamics and Collins Aerospace,
which is owned by Raytheon Technologies , declined immediate comment.
ESET was
unable to determine the identity of the hackers but said the attacks had some
links to a North Korean group known as Lazarus, which has been accused by U.S.
prosecutors of orchestrating a string of high-profile cyber heists on victims
including Sony Pictures and the Central Bank of Bangladesh.
North
Korea's mission to the United Nations in New York did not immediately respond
to a request for comment.
The
attacks are not the first time LinkedIn has been caught up in international
espionage. Western officials have repeatedly accused China of using fake
LinkedIn accounts to recruit spies in other countries, and multiple hacking
groups have been spotted using the business-networking site to profile their
targets.
But
ESET's Boutin said hacking attempts are usually conducted via email. "This
is the first case I am aware of where LinkedIn was used to deliver the malware
itself," he said.
LinkedIn
said it had identified and deleted the accounts used in the attacks. "We
actively seek out signs of state-sponsored activity on the platform and quickly
take action against bad actors," said the company's head of trust and
safety, Paul Rockwell.
***Additional
reporting by Michelle Nichols in New York; Editing by Elaine Hardcastle
https://wincountry.com/news/articles/2020/jun/17/cyber-spies-use-linkedin-to-hack-european-defence-firms/1030354/?refer-section=world