
North Korean Hackers Target Developers via GitHub with Fake Recruitment Lures and Malicious VS Code Projects

By CybersecurityNews · 1d ago · 1 min read · en · News

Summary

Researchers have uncovered UNK_DeadDrop, a North Korea-linked phishing campaign that targets developers on GitHub using fake recruitment and code-review lures. The campaign pushes malicious VS Code projects and Overlord malware against developers across nearly 100 organizations. Additionally, malicious VS Code extensions and multiple npm/GitHub supply-chain campaigns have been found delivering backdoors and stealers that target credentials, cryptocurrency wallets, and developer systems. The threat actors behind these campaigns include groups tracked as BlueNoroff, VoidDokkaebi, and others, deploying malware such as BeaverTail, InvisibleFerret, OtterCookie, TaskJacker, CabbageRAT, and ClipViper.

Key quotes

Researchers uncovered UNK_DeadDrop, a North Korea-linked phishing campaign using recruitment and code-review lures on GitHub to push malicious VS Code projects and Overlord malware against developers across nearly 100 organizations.
Malicious VS Code extensions and multiple npm/GitHub supply-chain campaigns were found delivering backdoors and stealers that target credentials, wallets, and developer systems.

You might also wanna read

North Korean Hackers Exploit Visual Studio Code to Deploy Backdoor Malware via Git Repositories

Jamf Threat Labs has identified North Korean threat actors expanding their abuse of Microsoft Visual Studio Code to deploy backdoor malware.

jamf.com·4mo ago

Glassworm Threat Actor Returns with Unicode-Based Supply Chain Attacks on GitHub, npm, and VS Code

The Glassworm threat actor has returned with a new wave of supply chain attacks using invisible Unicode characters to compromise software re

aikido.dev·3mo ago

Supply Chain Attacks on Open-Source Software: Case Study of Malicious Pull Request Attempts

The article discusses recent supply chain attacks on open-source software projects like LiteLLM and axios, with a specific case study of att

casco.com·2mo ago

How a Fake Job Interview Nearly Installed Malware on My Computer

A developer shares a personal account of nearly falling victim to a sophisticated job interview scam where a fake blockchain company recruit

blog.daviddodda.com·8mo ago

Developer discovers remote code execution backdoor hidden in fake crypto startup job offer on LinkedIn

A security-conscious developer receives a LinkedIn job offer from a recruiter at a crypto startup. Suspicious of the request to review a Git

roman.pt·1d ago

GitHub confirms breach of 3,800 repos via malicious VSCode extension

bleepingcomputer.com·27d ago