Employee tricked into giving North hackers access to Chile’s ATM over

North Korean hackers fooled a Redbanc employee into a fake job interview over Skype and then tricked him into downloading malware onto his work computer to get access to the company’s interbank network, according to a report by Chilean news site trendTIC.

For those unaware, Redbanc is an interbank network in Chile that connects the ATMs of all the in Chile.

It all began when the Redbanc employee in question responded to a developer job advertisement on the job website, LinkedIn. When the Redbanc professional clicked to apply for the position, he was contacted by the hackers for an interview, which they conducted in Spanish via a Skype call.

During the interview, the employee was asked to download, install, and run a program named ApplicationPDF.exe on the computer. He was told that it was a part of the recruitment process and would generate a standard application form online in PDF format.

However, the program instead installed malware on the computer, which in turn allowed hackers to gain access to the employee’s work computer username, hardware and OS, and proxy settings. This information was later used to deliver a second-stage payload to the device.

Although this took place in December last year, it was only made public after Chilean Senator Felipe Harboe used Twitter to accuse Redbanc of not disclosing the in time.

In a statement, the company says “the event had no impact on our operations, keeping our services running smoothly”.

company Flashpoint linked the malware strain to PowerRatankba, a malware toolkit that was previously used by North Korea-affiliated hacker group Lazarus. This hacking group which is behind the infamous Sony hack in 2014, have also been accused of attempting to steal money from Banco de Chile last year.

Source link
Based Blockchain Network


Please enter your comment!
Please enter your name here