Experts have observed a disturbing new trend in cybercrime: the use of trojanized coding challenges to target employees of companies. In a recent incident, a Spanish aerospace company fell victim to a cyber attack orchestrated a North Korean group known as the Lazarus Group. The group used LinkedIn’s messaging service to deliver malicious payloads disguised as job offers from Meta, Facebook’s parent company.

The technique employed the Lazarus Group is referred to as “trojanized coding challenges.” This method involves sending coding challenges to employees under the guise of legitimate job opportunities. These challenges, however, are embedded with malicious code that, when executed, compromises the target’s system. By leveraging the desperation in the job market, cybercriminals exploit employees’ eagerness to secure employment, allowing them topass traditional security measures.

While specific details about the Spanish aerospace company and the exact nature of the attack were not disclosed, it is worth noting that the Lazarus Group has a history of targeting aerospace and defense companies. This suggests that the motive behind the attack may have been to gather sensitive information or gain a competitive edge in the industry.

The use of trojanized coding challenges is considered a “novel approach” cybersecurity experts. It highlights the ever-evolving tactics employed cybercriminals to gain unauthorized access to secure systems. This incident serves as a reminder to both individuals and companies to maintain vigilance and exercise caution when interacting with unfamiliar job opportunities or challenges.

