TECH NEWS

Suspected Norks send 250+ fake dev job pitches to steal crypto

https://image.theregister.com/260157.jpg?imageId=260157&x=0&y=0&cropw=100&croph=100&panox=0&panoy=0&panow=100&panoh=100&width=1200&height=683

There's another likely North Korean-linked scam hitting developers and their employers, while snarfing up credentials and cryptocurrency - and this one doesn't even involve embedding IT workers at high-profile tech giants.

A previously unseen phishing crew, suspected to have DPRK ties, sent more than 250 emails to people working in almost 100 organizations, mostly based in the US, over six weeks in April and May. According to security sleuths, it is yet another digital-heist attempt designed to steal cryptocurrency wallets and developers’ credentials.

Proofpoint threat researchers spotted this campaign and tracked the digital thievery as UNK_DeadDrop.

Like earlier phishing expeditions from the Norks, including the Contagious Interview campaign, this one uses developer recruitment or code review lures to target victims, primarily in technology, education, business services, and financial services, and ultimately steal credentials and cryptocurrency.

In another common tactic seen with DPRK-linked credential-stealing activities, the lures attempt...

Copyright of this story solely belongs to theregister.com. To see the full text click HERE

Read more

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iMCFVYC_pczw/v0/1200x800.jpg

How AI is shaping the 2026 US midterms, as public anger grows against data center expansion and the AI industry emerges as one of the biggest financial backers

Sponsor Posts Fast, affordable law for startups — Soxton automates startup legal so founders can move faster and sleep better. We handle incorporation, advisor, employment and commercial contracts. Join the waitlist for early access! Stop vibe coding analytics — Equals AI turns questions about your business into auditable spreadsheet models and dashboards.