The Lazarus Group targeted a BitMEX employee in May 2025 through LinkedIn, using a fake NFT project as a lure to deliver malicious code.
Claim
Quotes that support claims
Recently, a BitMEX employee was contacted through LinkedIn for a potential ‘NFT Marketplace’ web3 project collaboration. The goal was to make the victim run the project’s code, which includes malicious code, on their computer.
Recently, a BitMEX employee was contacted through LinkedIn for a potential ‘NFT Marketplace’ web3 project collaboration. This pretext was similar enough to other attacks common in this industry that the employee suspected it was an attempt to trick them into running malicious code on their device.
Referenced by
Attack tactics and security response
Crypto news
Data block
