Intel Name: Dprk threat actors target tech job seekers with beavertail and invisibleferret malware
Date of Scan: October 10, 2024
Impact: Medium
Summary: The article “Contagious Interview: DPRK Threat Actors Lure Tech Industry Job Seekers to Install New Variants of BeaverTail and InvisibleFerret Malware” discusses ongoing activities from North Korean threat actors, identified as part of the CL-STA-240 Contagious Interview campaign. Posing as recruiters, they target tech industry job seekers to install malware on their devices. Since its initial report in November 2023, the campaign has seen new online activity and updates to the BeaverTail downloader and InvisibleFerret backdoor. Notably, the BeaverTail malware has been compiled using the Qt framework for both macOS and Windows, indicating a broadening of their targeting tactics.