North Korea-linked Lazarus APT group (aka HIDDEN COBRA) has been observed while using LinkedIn lures in a spear-phishing campaign targeting the cryptocurrency organizations worldwide. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFTattacks in 2016, and the Sony Pictures hack. The attack chain used in this attack employed a maliciously crafted Word document that claimed to be protected by a General Data Protection Regulation (GDPR) which requires the target to enable content to read it. The malware collects info and sends them back to the attackers C2 servers.”]
Source: https://securityaffairs.co/wordpress/107519/apt/lazarus-targets-cryptocurrency.html