North Korea's Lazarus Group Targets Devs with Bogus Crypto Companies

Key Takeaways

  • Hackers linked to North Korea created fake crypto firms to post job ads and trick developers into downloading malware during interviews;
  • Victims are asked to fix a fake video error, which installs malware that targets system data, clipboard contents, and crypto wallets;
  • The scam uses realistic websites and fake employee photos, some AI-generated or altered from real images to appear more convincing.

North Korean hackers have set up fake crypto consulting firms to trick developers into downloading malware, according to a report published on April 24 by Silent Push Threat Analysts.

The group behind the scheme, called Contagious Interview, is part of the Lazarus network. They created three front companies—BlockNovas, Angeloper Agency, and SoftGlide—with two officially registered in the United States.

The hackers use these fake companies to post job listings on platforms like GitHub, freelancer websites, and recruitment boards.

Interested applicants are asked to record a video introduction as part of the interview process. When they try to do so, they receive an error message along with instructions to quickly fix it. If they follow the instructions, they unknowingly download malware onto their devices.

Silent Push identified three types of malware being used: BeaverTail, InvisibleFerret, and OtterCookie. BeaverTail is mainly used to steal system information and open a path for more malware. InvisibleFerret and OtterCookie focus on stealing sensitive data such as crypto wallet keys and clipboard contents.

The fake companies also use convincing websites and employee profiles to seem real. Some of these profiles use images generated with artificial intelligence (AI), while others use altered versions of real people's photos.

Zach Edwards, a senior analyst at Silent Push, explained that the hackers would slightly modify real images to make them harder to trace.

On April 11, Jake Gallen, CEO of Emblem Vault, warned the crypto community about a scam that cost him over $100,000 in digital assets.

Aaron S. Editor-In-Chief