Fake job offers target software developers with infostealers

by admin 0 Comments

Cyber Security
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

A North Korea-aligned activity cluster tracked by ESET as DeceptiveDevelopment drains victims’ crypto wallets and steals their login details from web browsers and password managers

Editor

20 Feb 2025

ESET researchers have observed a malicious campaign where North Korea-aligned threat actors, posing as headhunters, target freelance software developers with info-stealing malware.

The activities – named DeceptiveDevelopment and going back to at least November 2023 – involve spearphishing messages that are being distributed on job-hunting and freelancing sites and ask the targets to take a coding test, with the files necessary for the task usually hosted on private repositories such as GitHub. These files are laden with malware, however, which ultimately lets the attackers steal the victims’ login details and drain their cryptocurrency wallets.

What else is there to know about the campaign’s tactics, techniques, and procedures? Learn from ESET Chief Security Evangelist Tony Anscombe in the video and make sure to read the full blogpost.

Connect with us on Facebook, XLinkedIn and Instagram.

This article was originally published by Welivesecurity.com. Read the original article here.
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Products You May Like

Articles You May Like

China-Linked Espionage Tools Used in Recent Ransomware Attack
Salt Typhoon Exploited Cisco Devices With Custom Tool to Spy on US Telcos
Pro-Russia Hackers NoName057(16) Hit Italian Banks and Airports
What is penetration testing? | Unlocked 403 cybersecurity podcast (ep. 10)
Hackers Exploit Signal’s Linked Devices Feature to Hijack Accounts via Malicious QR Codes

Leave a Reply

Your email address will not be published. Required fields are marked *