North Korean threat actors have escalated the ‘Contagious Interview’ campaign, using Visual Studio Code to deliver hidden backdoors to developers through fake job assignments. The operation targets blockchain and crypto professionals, blending social engineering with technical exploits.
#North Korean hackers | #Visual Studio Code | #cybersecurity
North Korean hackers have launched a sophisticated campaign targeting macOS developers via malicious VS Code projects. By hiding obfuscated JavaScript in project configuration files and leveraging fake job offers, the attackers deploy persistent backdoors for espionage and remote code execution. Experts urge developers to be vigilant with third-party repositories.
#North Korean hackers | #macOS developers | #Visual Studio Code
Hackers are exploiting Visual Studio Code’s trusted workflows to deploy stealthy backdoors through malicious Git repositories, targeting unsuspecting developers. This investigative feature unpacks the attack chain, technical tricks, and crucial defense strategies.
North Korean state hackers are targeting developers by hiding advanced malware in Visual Studio Code projects, leveraging fake job offers and exploiting trusted workflows to steal sensitive data and digital assets.
A new wave of attacks abuses Visual Studio Code extensions to deploy advanced malware, compromising developer systems and stealing sensitive data. The Evelyn Stealer campaign reveals how trusted tools can become cybercriminal backdoors.
Researchers have uncovered a stealthy malware campaign that weaponized Visual Studio Code extensions. By hiding malicious binaries inside fake images and tampered dependencies, attackers infiltrated the developer supply chain, highlighting new risks in trusted coding environments.