The Lazarus Group, allegedly affiliated with the North Korean government, was responsible for a phishing campaign involving a fraudulent email invitation to a Coinbase crypto trader hiring assessment.
The email, sent on March 6, 2025, contained a hyperlink to a malicious website that had been flagged as phishing and malware by security vendors.
The analysis used the “Endpoint Security” and “Email Security” pages to investigate potential security issues and check for system intrusion.
It is important to remain vigilant against such attacks and to practice good cyber hygiene, such as regularly updating software, using antivirus and malware detection tools, and being cautious of suspicious emails and links.
The exact nature of the payload and the impact of the campaign are not mentioned in the available information, and the investigation described is limited to initial analysis and detection.