North Korean Hackers Pose as Job Recruiters and Seekers in Malware Campaigns

North Korean threat actors have been pretending to be job recruiters and seekers to distribute malware and gain unauthorized employment with several international organizations. Codenamed ‘Contagious Interview’ and ‘Wagemole’ by Palo Alto Networks’ Unit 42, these operations aim for spying, financial gain and cryptocurrency theft. The actors even use GitHub as a platform to host fake resumes. The highly-skilled IT workers hired through this process contribute their wages to North Korea’s weapons programs.