North Korean hackers infiltrate Chile's ATM network after Skype job interview

guest · Jan 15, 2019

North Korean hackers infiltrate Chile's ATM network after Skype job interview
January 16, 2019
https://www.zdnet.com/article/north...chiles-atm-network-after-skype-job-interview/

A Skype call and a gullible employee was all it took for North Korean hackers to infiltrate the computer network of Redbanc, the company that interconnects the ATM infrastructure of all Chilean banks.

Lazarus' most recent attack took place at the end of December last year but only came to the public's attention after Chilean Senator Felipe Harboe called out Redbanc on Twitter last week for not disclosing its security breach.

[...] approached the Redbanc employee for an interview, which they conducted in Spanish via a Skype call.
trendTIC reports that during this interview, the Redbanc employee was asked to download, install, and run a file named ApplicationPDF.exe, a program that would help with the recruitment process and generate a standard application form.

But according to an analysis of this executable by Vitali Kremez, Director of Research at Flashpoint, the file downloaded and installed PowerRatankba, a malware strain previously linked to Lazarus Group hacks
Click to expand...

Rasheed187 · Jan 19, 2019

This is exactly what I tried to explain in another topic. It's easy to say that this person should not have been "click happy", but I think most people would have been tricked, because trust plays a role. And most people probably also think that AV will safe them, but as you can see, it didn't. So yes, a behavior blocking tool would not have been a bad idea.

Log in or Sign up

North Korean hackers infiltrate Chile's ATM network after Skype job interview

guest Guest

Rasheed187 Registered Member

Log in or Sign up

North Korean hackers infiltrate Chile's ATM network after Skype job interview

guest Guest

Rasheed187 Registered Member

Useful Searches