The article discusses an ongoing cyber-attack campaign called DeceptiveDevelopment, linked to North Korea, which targets freelance software developers through job interview scams. Cybersecurity company ESET revealed that these attacks use fake recruiter profiles on various job platforms, including Upwork and Freelancer.com, to share malicious code disguised as legitimate projects. This method aims to steal cryptocurrency wallets and login details by deploying malware hid within coding tests and projects related to cryptocurrency. This campaign is associated with Lazarus Group activity and has persisted since late 2023.
Additionally, they are instructed to build and execute the project in order to test it, which is where the initial compromise occurs.
Collection
[
|
...
]