Beware of Contacts through LinkedIn: They Target Your Organization’s Property, Not Yours
Contents
Beware of Contacts through LinkedIn: They Target Your Organization’s Property, Not Yours
There have recently been reports of unauthorized access in Japan, using LinkedIn as the initial infection vector.
FBI, DC3, and NPA Identification of North Korean Cyber Actors, Tracked as TraderTraitor, Responsible for Theft of $308 Million USD from Bitcoin.DMM.com
https://www.fbi.gov/news/press-releases/fbi-dc3-and-npa-identification-of-north-korean-cyber-actors-tracked-as-tradertraitor-responsible-for-theft-of-308-million-from-bitcoindmmcom
This type of attack that exploits LinkedIn is mainly used by Lazarus attack group, and JPCERT/CC has continuously confirmed such attacks against organizations in Japan since around 2019. Past incident cases suggest that using LinkedIn on a host for business is highly dangerous and should be avoided unless there is any special reason. To avoid such risks, please consider restricting the use of SNS on work devices (e.g., prohibit installing SNS applications, configure access control, etc.) in your organization and implementing other measures. If you choose to allow your employees to use SNS on their work devices, it is recommended to create …
There have recently been reports of unauthorized access in Japan, using LinkedIn as the initial infection vector.
FBI, DC3, and NPA Identification of North Korean Cyber Actors, Tracked as TraderTraitor, Responsible for Theft of $308 Million USD from Bitcoin.DMM.com
https://www.fbi.gov/news/press-releases/fbi-dc3-and-npa-identification-of-north-korean-cyber-actors-tracked-as-tradertraitor-responsible-for-theft-of-308-million-from-bitcoindmmcom
This type of attack that exploits LinkedIn is mainly used by Lazarus attack group, and JPCERT/CC has continuously confirmed such attacks against organizations in Japan since around 2019. Past incident cases suggest that using LinkedIn on a host for business is highly dangerous and should be avoided unless there is any special reason. To avoid such risks, please consider restricting the use of SNS on work devices (e.g., prohibit installing SNS applications, configure access control, etc.) in your organization and implementing other measures. If you choose to allow your employees to use SNS on their work devices, it is recommended to create …