#ContagiousInterview

BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers

by

October 28, 2024 at 11:36AM In September 2024, three malicious npm packages were discovered containing BeaverTail malware, linked to North Korean campaigns targeting developers. The packages, now removed, included backdoored versions of popular libraries. Ongoing threats exploit the open-source ecosystem, highlighting developers as valuable targets in cyberattacks. ### Meeting Takeaways: Malware / Threat Intelligence – … Read more

N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware

by

October 9, 2024 at 10:42AM North Korean threat actors are targeting tech job seekers with malware through a campaign called “Contagious Interview.” The group poses as employers, enticing victims to download malicious applications like BeaverTail and InvisibleFerret, designed to steal sensitive data. This ongoing threat highlights financial motivations behind their cyber activities. **Meeting Notes Takeaways … Read more

North Korean Hackers Targets Job Seekers with Fake FreeConference App

by

September 4, 2024 at 12:21PM North Korean threat actors have created a malicious campaign called Contagious Interview, using fake job interviews to distribute malware. They have now been using fake video conferencing applications to backdoor developer systems. This activity is attributed to the North Korean threat actor Famous Chollima. The campaign is targeting job seekers … Read more

DPRK Hackers Masquerade as Tech Recruiters, Job Seekers

by

November 21, 2023 at 04:18PM North Korean threat actors are engaging in deceptive tactics on the internet, posing as both job recruiters and job seekers. Palo Alto Networks’ Unit 42 has identified two ongoing campaigns, “Contagious Interview” and “Wagemole”, where the threat actors lure unsuspecting applicants into installing sophisticated malware or impersonate applicants to gain … Read more