Beware of Contacts through LinkedIn: They Target Your Organization’s Property, Not Yours

JPCERT/CC warns that Lazarus-linked campaigns are actively exploiting LinkedIn as an initial access vector—often via hijacked legitimate accounts—to contact targets (notably defense and cryptocurrency organizations), switch communications to Skype/WhatsApp/Telegram, and deliver malicious files (Word, ZIP/LNK, MSI) that install cross-platform malware. The report details three operations (Dream Job, DangerousPassword, AppleJeus), notes persistent activity since 2019, and recommends restricting SNS use on work devices and implementing protective measures.