Targeting of U.S. defense contractors

Date of report

August 2020

Affiliations

Lazarus Group

North Korean hackers used fake job postings from leading U.S. defense contractors on LinkedIn to install malicious data-gathering software when clicked.

Suspected victims

U.S. defense contractors

Suspected state sponsor

Korea (Democratic People's Republic of)

Type of incident

Espionage

Target category

Government

MAR-10295134-1.v1 – North Korean Remote Access Trojan: BLINDINGCAN
FBI, DHS expose North Korean government malware used in fake job posting campaign

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events