lazarusholic

2024-08-26, PolySwarm
https://blog.polyswarm.io/devpopper-campaign-targets-software-developers
#NPM #DevPopper

Verticals Targeted: Software Development
Executive Summary
An ongoing social engineering campaign was observed targeting software developers. The threat actors use fake interviews to deliver a Python-based RAT, known as DevPopper.
Key Takeaways
- An ongoing social engineering campaign was observed targeting software developers.
- In the campaign, the threat actors use fake interviews to deliver a Python-based RAT, known as DevPopper.
- The threat actors behind DevPopper have retooled and have evolved their TTPs in recent months.
- The newer DevPopper variant has enhanced capabilities and can target Linux, Windows, and MacOS devices.
What is DevPopper?
An ongoing social engineering campaign was observed targeting software developers. The threat actors use fake interviews to deliver a Python-based RAT, known as DevPopper. Securonix reported on this activity earlier this year and recently provided an update on DevPopper’s evolving TTPs. Victims have primarily been located in South Korea, North America, Europe, and the Middle East. According to Securonix, the campaign is likely …

2d10b48454537a8977affde99f6edcbb7cd6016d3683f9c28a4ec01b127f64d8
33617f0ac01a0f7fa5f64bd8edef737f678c44e677e4a2fb23c6b8a3bcd39fa2
63238b8d083553a8341bf6599d3d601fbf06708792642ad513b5e03d5e770e9b
bc4a082e2b999d18ef2d7de1948b2bfd9758072f5945e08798f47827686621f2