North Korean hackers target developers with fake job interviews

Software developer in a fake job interview orchestrated by hackers.

Cybersecurity researchers at ReversingLabs have uncovered malicious software packages linked to a campaign known as VMConnect, believed to be orchestrated by the North Korean hacking team Lazarus Group. The campaign, first identified in August 2023, uses fake job interviews to lure developers into downloading and executing malicious code.

The latest samples were traced to GitHub projects associated with previous targeted attacks. Researchers were able to identify one compromised...