North Korean hackers have set up fake crypto consulting firms to trick developers into downloading malware, according to a report published on April 24 by Silent Push Threat Analysts.
The group behind the scheme, called Contagious Interview, is part of the Lazarus network. They created three front companies—BlockNovas, Angeloper Agency, and SoftGlide—with two officially registered in the United States.
The hackers use these fake companies to post job listings on platforms like GitHub, freelancer websites, and recruitment boards.
Did you know?
Subscribe – We publish new crypto explainer videos every week!
Best Crypto Analysis Indicators Explained (Beginner-Friendly Animation)
Interested applicants are asked to record a video introduction as part of the interview process. When they try to do so, they receive an error message along with instructions to quickly fix it. If they follow the instructions, they unknowingly download malware onto their devices.
Silent Push identified three types of malware being used: BeaverTail, InvisibleFerret, and OtterCookie. BeaverTail is mainly used to steal system information and open a path for more malware. InvisibleFerret and OtterCookie focus on stealing sensitive data such as crypto wallet keys and clipboard contents.
The fake companies also use convincing websites and employee profiles to seem real. Some of these profiles are made with artificial intelligence (AI) generated images, while others are altered versions of real people’s photos.
Zach Edwards, a senior analyst at Silent Push, explained that the hackers would slightly modify real images to make them harder to trace.
On April 11, Jake Gallen, CEO of Emblem Vault, warned the crypto community about a scam that cost him over $100,000 in digital assets. How does the scam work? Read the full story.
Having completed a Master’s degree in Economics, Politics, and Cultures of the East Asia region, Aaron has written scientific papers analyzing the differences between Western and Collective forms of capitalism in the post-World War II era.With close to a decade of experience in the FinTech industry, Aaron understands all of the biggest issues and struggles that crypto enthusiasts face. He’s a passionate analyst who is concerned with data-driven and fact-based content, as well as that which speaks to both Web3 natives and industry newcomers.Aaron is the go-to person for everything and anything related to digital currencies. With a huge passion for blockchain & Web3 education, Aaron strives to transform the space as we know it, and make it more approachable to complete beginners.Aaron has been quoted by multiple established outlets, and is a published author himself. Even during his free time, he enjoys researching the market trends, and looking for the next supernova.
