Slashdot Mirror
North Korean Hackers Infiltrate Chile's ATM Network After Skype Job Interview (zdnet.com)
A Skype call and a gullible employee was all it took for North Korean hackers to infiltrate the computer network of Redbanc, the company that interconnects the ATM infrastructure of all Chilean banks. From a report: Prime suspects behind the hack are a hacker group known as Lazarus Group (or Hidden Cobra), known to have associations to the Pyongyang regime, is one of the most active and dangerous hacking groups around, and known to have targeted banks, financial institutions, and cryptocurrency exchanges in the past years. Lazarus' most recent attack took place at the end of December last year but only came to the public's attention after Chilean Senator Felipe Harboe called out Redbanc on Twitter last week for not disclosing its security breach. The company, which has direct lines into the networks of all Chilean banks, formally admitted to the hack a day later in a message posted on its website, but that announcement didn't include any details about the intrusion. However, a day after Redbanc's admission, an investigation conducted by Chilean tech news site trendTIC revealed that the financial firm was the victim of a serious cyber-attack, and not something that could be easily dismissed. According to reporters, the source of the hack was identified as a LinkedIn ad for a developer position at another company to which one of the Redbanc employees applied.
Just for the record, I had nothing to do with this.
I am not interested in articles about life extension advancements.
It's not "after a skype interview", but rather "after the user opened a malicious executable which compromised the system". How is this newsworthy again?
The title makes it seem as if Skype was the infection vector, but reading the article will tell you it wasn't. The problem, as usual, is stupid people doing stupid things, "during this interview [the Skype call], the Redbanc employee was asked to download, install, and run a file named ApplicationPDF.exe, a program that would help with the recruitment process and generate a standard application form." Yes, Skype is a mess, but it didn't infect the computer system.
I read the title, and I was thinking of Chilie's Bar and Grill, (a somewhat popular food chain in the US). I was picturing some early 20 something store manager, just getting tricked by this guy. Then I read a little further realize it was the country.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
North Korea has nothing to gain by doing flippant things like this
Actually, they do gain. If NK behaved like a "normal" country, they would be treated like one. But by regularly engaging in batshit insane behavior, they lower expectations so much that when we sit down to negotiate with them, we are happy to accept any outcome that is even halfway sane, even they though have a long pattern of not keeping their word.
The Kim family regime has controlled NK for more than 70 years. Even longer than the Castro family has controlled Cuba. Their strategy of egregious behavior has worked well for them.
"known to have associations to the Pyongyang regime" Seriously? If they are operating out of North Korea they are just stooges for that Joffrey wannabe. Get it straight. There is no Pyongyang regime. There is no North Korean government. It's just that piece of slime. Every news report or article that says something like "the North Korean government did or said thus and so" should get the publisher slapped silly. They know his name.
You're not getting it. It's easy to play the "idiots get what they deserve". In practice, someone looking to get a job at a company will lower its guards since he need that job and refusing to follow a stupid company process will likely disqualify them.
And even when interviewing for very "technical" companies, HR folks usually have no clue about security and will put the candidates at risk all the times, so even if you're a security expert, it's really hard to know whether the interviewer is trying to trick you or just bad at security.
I've been asked so many times to provide personal information through unencrypted email, like banking accounts ; this is very common. Every time, I configured a web server with HTTPS and authentication for the HR person to retrieve the documents securely, calling them to give them the password or creating the password to that part of it would be only known by the HR person. Obviously not everyone would do that and I was lucky the HR person managed to retrieve the documents (they were nice and helpful and managed to follow my instructions).
Job interview - social engineering *is* brilliant and really hard to counter.
It was "EggShell" security, a hard perimiter with no protection once it cracks. Any breach and -everything- is lost.
I am not sure that it counts as any security at all, these days...