North Korean Hackers Unleash ‘Contagious Interview’ Campaign Targeting Web3 Founders

The dark underbelly of the internet’s future was recently exposed when a Web3 founder fell prey to a sophisticated attack by North Korean hackers. This incident serves as a stark reminder of the ongoing campaign by these malicious actors to target the very individuals building the foundation of the internet’s next generation.

It all began with a simple request from a friend, who was applying for a new job and asked Ostwal to review a code repository. Unbeknownst to him, this act of kindness would open the door to the “Contagious Interview” campaign, linked to the notorious state-sponsored Lazarus Group from North Korea. According to ___ Bitcoin News, these attackers have shifted their tactics from mass phishing to high-touch social engineering, tricking developers into running tampered files.

Ostwal’s experience is a chilling example of this new approach. After executing the code, a silent infection chain was initiated on his machine. The malware used in this attack was particularly insidious, consisting of two components that, when used together, became an almost unstoppable crypto-stealing duo in any developer environment.

The first component involved automatic execution, where a file named analytics. controller. js would run a hidden function as soon as the local server started.