The investigation revealed that three malicious npm packages published in September 2024 contained BeaverTail malware, part of North Korean cyber operations targeting developers.
Contagious Interview represents a yearlong DPRK campaign aimed at luring developers into downloading malicious applications disguised as coding tests, first discovered in November 2023.
The use of npm packages to deploy malware like BeaverTail has been a repeated tactic for DPRK threat actors, highlighting a troubling trend in supply chain attacks.
The cryptocurrency sector is particularly vulnerable, as demonstrated by the continued targeting of etherscan-api clones and new counterfeit packages that aim to harvest cryptocurrencies.
Collection
[
|
...
]