Lazarus hackers compromise Chile's ATM network through LinkedIn job advert

The hack was facilitated by a fake job interview via the business-orientated social network

Person entering their PIN number into an ATM machine

Chile's ATM network has been compromised by what is believed to be Lazarus, the cybercrime outfit oft-thought to have links to North Korea.

The attack was facilitated by a Redbanc employee who fell for a phishing scam following a job application. Redbanc is the company that manages the interconnecting infrastructure for all of Chile's ATMs.

The employee applied for a job via LinkedIn and then the hiring company, believed to be Lazarus, set up a fake interview with the applicant in Spanish, according to trendTIC.

The applicant was then told to download and install a file named ApplicationPDF.exe, a program that would help with the recruitment process and generate a standard application form.

Instead, this application was a form of malware known as PowerRatankba, a strain previously linked to Lazarus Group, according to Vitali Kremez, director of research at Flashpoint, in an analysis of the executable.

The malware collected information about the employee's computer and sent it back to a remote server so when the attackers realised they had caught a big fish, they could release a PowerShell script in a second stage payload. The computer then acted as an entry point for the attackers to compromise the Redbanc infrastructure.

The attack happened in late December 2018 but has only recently been reported for the first time.

Chilean Senator Felipe Harboe slammed Redbanc for failing to disclose the hack sooner, the company did just that the following day.

The Lazarus hackers are known for their prolific hacks on banks and cryptocurrency exchanges and have remained anonymous and active for some years.

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Recommended

Bank-targeting malware disguises itself as video conferencing software
Security

Bank-targeting malware disguises itself as video conferencing software

19 Oct 2020
What is shoulder surfing?
Security

What is shoulder surfing?

19 Oct 2020
Google blocked record-breaking 2.5Tbps DDoS attack in 2017
Security

Google blocked record-breaking 2.5Tbps DDoS attack in 2017

19 Oct 2020
Microsoft releases two emergency Windows patches
Security

Microsoft releases two emergency Windows patches

19 Oct 2020

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
iPhone 12 lineup official with A14 Bionic chip and 5G support
Mobile Phones

iPhone 12 lineup official with A14 Bionic chip and 5G support

13 Oct 2020
Google blocked record-breaking 2.5Tbps DDoS attack in 2017
Security

Google blocked record-breaking 2.5Tbps DDoS attack in 2017

19 Oct 2020