And finally… fake job interview dupes bank employee into cyber attack

The staffer at interbank network Redbanc had responded to a developer job advert on LinkedIn, looking to speak to prospective employees via Skype.

After formalities, the hapless victim was asked to install a program that would supposedly generate an application form, according to local tech news site trendTIC.

Instead, malware was installed, enabling the hackers to gain access to the staffer’s work computer username, hardware and OS, and proxy settings. This information was then used to deliver a second-stage payload.

Last week Redbanc confirmed it had been attacked back in December after Chilean Senator Felipe Harboe used Twitter to accuse the ATM network operator of covering the breach up.

In a statement, the firm said “the event had no impact on our operations, keeping our services running smoothly”.

Security firm Flashpoint has linked publicly referenced samples to PowerRatankba, a malware toolkit with ties to North Korea-affiliated hacker group Lazarus.

North Korea has also been linked to an incident last year that saw hackers infiltrated the IT systems of Banco de Chile with disk-wiping malware, causing chaos and distracting from the theft of $10 million via the international Swift network.