SlowMist Chief Information Security Officer (CISO) 23pds posted on the X platform that the Lazarus organization is currently contacting targets in the cryptocurrency industry through LinkedIn and stealing employee permissions or assets through malware.
First, they contact managers or HR personnel of the target company through LinkedIn, falsely claiming to be looking for a React/blockchain developer position. Then, the attacker will claim to be an experienced job seeker and say that they can access their own repository and run the relevant code to see how good they are, but in fact the repository contains malicious code snippets.