North Korea Hacks Devs via Fake npm Job Interviews

A new wave of North Korean attacks targets developers through a deceptive campaign that uses fake job interviews and malicious npm packages. Security researchers have identified 35 compromised packages uploaded to the npm repository, which deliver infostealers and backdoors to developers’ systems. These tools collect sensitive information and open unauthorized access points.

Labeled the “Contagious Interview” campaign, this operation targets software developers looking for employment. Victims often receive fraudulent interview invitations, which lead them to download infected packages. Once installed, the malware executes silently, compromising the developer’s machine.

North Korean operators are targeting developers with increasing sophistication, blending social engineering with supply chain infiltration. By disguising malware within open-source tools, attackers bypass traditional security defenses and exploit developer trust.

This campaign underscores the growing risks in software development environments. Developers are urged to verify package sources and remain cautious when responding to unsolicited job offers.

Read the full report here:
https://www.bleepingcomputer.com/news/security/new-wave-of-fake-interviews-use-35-npm-packages-to-spread-malware/
