DPRK Shenanigans 🇰🇵
Watch out, developers: Kim Jong Un is hiring like crazy nowadays. The malicious domain aigtech[.]dev hosting fake job offers that spread malicious tech assignments, dropping a payload consistent with UNC5342 campaigns. #DPRK #UNC5342 #ContagiousInterview
1
5
10
965
"Don't Fear the Repo: UNK_DeadDrop Phishing Campaign Targets Developers to Steal Cryptocurrency" published by @proofpoint. #ContagiousInterview, #UNK_DeadDrop, #DPRK, #CTI
363
May 27
"I was likely targeted by DPRK in a sophisticated developer malware campaign" published by @DenysVitali. #ContagiousInterview, #VSCode, #DPRK, #CTI
2
5
645
"Lazarus Group Uses Git Hooks To Hide Malware" published by OSM. #ContagiousInterview, #Lazarus, #TaskJacker, #DPRK, #CTI opensourcemalware.com/blog/d…
1
12
517
"DPRK Contagious Interview: Developer Workflow Compromise" published by @domaintools. #ContagiousInterview, #Lazarus, #DPRK, #CTI dti.domaintools.com/security…
1
8
365
Apr 24
"I got completely owned by the most sophisticated hack I've ever encountered" published by @turshija. #ContagiousInterview, #DPRK, #CTI archive.md/eb6sl
4
283
Apr 18
A "recruiter" just tried to hand me a 3MB remote code execution backdoor disguised as a Smart Contract Audit Challenge.
Here's exactly how it hides so you can spot the next one. 🧵
#infosec #Web3Security #SupplyChainAttack #ContagiousInterview
1
2
265
North Korean hackers are now targeting AI tools like Cursor and Claude. The OtterCookie malware steals API keys and conversation logs. Is your dev environment safe?
#ContagiousInterview #AITools #CursorAI #ClaudeAI #CyberSecurity #InfoSec #DPRK #Malware
securityonline.info/north-ko…
1
5
10
764
Apr 8
There's still time to register for our upcoming webinar with DSCO, this April 14th.
Register here: hubs.ly/Q049-WmL0
#webinar #dprk #contagiousinterview #socialengineering
2
256
"North Korea’s Contagious Interview Campaign Spreads Across 5 Ecosystems, Delivering Staged RAT Payloads" published by @SocketSecurity. #ContagiousInterview, #DPRK, #CTI socket.dev/blog/contagious-i…
2
9
511
Mar 27
This April 14th:
We'll be teaming up with DCSO to discuss the phenomenon of DPRK IT worker activities and what emerging developments security teams need to watch for now.
Register here: hubs.ly/Q048CqHz0
#dprk #cybersec #contagiousinterview #webinar #ghosthires
1
4
271
Mar 24
"NICKEL ALLEY strategy: Fake it ‘til you make it" published by @Secureworks. #NickelAlley, #ClickFix, #ContagiousInterview, #PylangGhost, #DPRK, #CTI sophos.com/en-us/blog/nickel…
4
3
527
Mar 19
"Contagious Interview Campaign: Independent Analysis of the StegaBin Wave" published by SerapHim. #ContagiousInterview, #FamousChollima, #StegaBin, #DPRK, #CTI github.com/seraphimdeck/Sera…
2
3
363
Mar 18
"StoatWaffle, malware used by WaterPlum" published by @NTTSH_JP. #ContagiousInterview, #StoatWaffle, #VSCode, #WaterPlum, #DPRK, #CTI jp.security.ntt/insights_res…
4
8
476
Mar 18
"WaterPlumが使用するマルウェアStoatWaffleについて" published by @NTTSH_JP. #ContagiousInterview, #StoatWaffle, #VSCode, #WaterPlum, #DPRK, #CTI jp.security.ntt/insights_res…
3
237
NTT Security Japan published a blog post “StoatWaffle, malware used by WaterPlum”.
We investigated StoatWaffle, a new malware that has recently begun to be used in the Contagious Interview campaign.
jp.security.ntt/insights_res…
#DPRK #WaterPlum #ContagiousInterview #StoatWaffle
2
13
2,922
ブログにて「WaterPlumが使用するマルウェアStoatWaffleについて」を公開しました。
Contagious Interviewキャンペーンにおいて、新たに使用され始めたStoatWaffleについて調査しました。
jp.security.ntt/insights_res…
#DPRK #WaterPlum #ContagiousInterview #StoatWaffle
11
25
3,052
Mar 13
"Contagious Interview: Malware delivered through fake developer job interviews" published by @MsftSecIntel. #ContagiousInterview, #InvisibleFerret, #OtterCookie, #VSCode, #DPRK, #CTI microsoft.com/en-us/security…
4
8
545
Mar 11
"North Korea Tried to Hack Our CEO Through a Fake Job Interview on LinkedIn" published by Allsecure. #BeaverTail, #ContagiousInterview, #Lazarus, #VSCode, #DPRK, #CTI allsecure.io/blog/lazarus-li…
5
9
788