The one affair no one anticipate on a line of work interview is North Korean drudge blame up on the other line . But that ’s on the face of it incisively what bechance to a pitiful employee at Redbanc , the company that handles Chile ’s ATM net .
The freaky tale was reported intrendTIC , a Chilean tech site . A Redbanc employee found a job first step on LinkedIn for a developer post . After setting up a Skype consultation , the employee was then enquire to install a political platform called ApplicationPDF.exe on their information processing system , trendTIC reports . The program was reportedly excuse to be part of the enlisting outgrowth and generated a standard software program form . But it was not an software figure , it was malware .
Because the malware was then set up on a caller computer , the hackers reportedly obtain crucial info about the employee ’s work computer , including username , ironware and OS , and proxy background . With all that information , the hackers would then be able to later deliver a second - stage warhead to the septic computer .
As for the linkup to North Korea , ananalysisby security firm Flashpoint indicates the malware utilize PowerRatankba , a malicious toolkit associated with Lazarus Group , a hack organization with ties to Pyongyang . If you have n’t heard of these bozo , you ’ve in spades listen of the hooey they ’ve been up to . Also known as Hidden Cobra , the Lazarus Group is linked with theSony hack in 2014and theWannaCry 2.0 computer virus , which infect 230,000 estimator in 150 countries in 2017 . They ’re also sleep with for targeting majorbanking and fiscal institutionsand have reportedly decamp with$571 million in cryptocurrencysince January 2017 .
The ward-heeler reportedly admit seat at the end of December , but it was only made public after Chilean Senator Felipe Harboe submit to Twitter last workweek to shell Redbanc for preserve the breach secret . Redbanc later acknowledged the breach pass in astatement , but the company fail to advert any details .
Me informan que a fines de diciembre@redbancsufrió ataque informático a su red de interconexión bancaria . Sería bueno que la empresa transparentara magnitud , riesgos y medidas de control de tal ataque
— Felipe Harboe B ( @felipeharboe)January 8 , 2019
That suppose , there were some serious security 101 no - no ’s dedicate by the Redbanc employee that we can all learn from . in the main , it does n’t matter how much you hate your current fizgig , you should be suspicious if a prospective employer require you to download any program that ask for personal data . Also , for multiple common - horse sense rationality , peradventure do n’t do task interviews on your consecrate work computer . And while it ’s hard these days not to take work home , for security measure reasons , you should definitely be more spot about the programs you download onto a study - cut equipment . sound simple enough , but then again , it happened to this poor fellow .
[ ZDNet ]
HackingNorth Korea
Daily Newsletter
Get the good tech , science , and culture news in your inbox day by day .
News from the future , render to your present tense .
You May Also Like
