July 31, 2024 at 09:45AM A malware campaign, DEV#POPPER, is targeting software developers across Windows, Linux, and macOS systems. Linked to North Korea, the threat actors use social engineering to trick victims into divulging information or downloading malicious software. The campaign uses obfuscated JavaScript and Python backdoors, along with enhanced obfuscation and remote monitoring to … Read more
April 27, 2024 at 02:00AM A social engineering campaign named DEV#POPPER is targeting software developers with fraudulent job interviews, leading them to download and execute malicious npm packages, including a Python backdoor. The campaign is linked to North Korean threat actors. They disguise themselves as employers to distribute malware, indicating ongoing efforts to enhance their … Read more
April 26, 2024 at 10:23AM A campaign named “Dev Popper” is targeting developers with fake job interviews to trick them into downloading and running a Python remote access trojan (RAT), enabling the threat actors to gather system information and gain remote access. Analysts suspect North Korean involvement based on observed tactics. Similar tactics have been … Read more