DPRK Contagious Interview Lure - Go Backdoor & Swift App
In this video, I cover a recently discovered DPRK Contagious Interview lure. This campaign has been active for a while and the threat actors target job seekers (primarily in the crypto space). The related Swift app was shared with me by malwarehunterteam :) and it resembles a sample I RE'd and blogged about earlier this year.
This lure results in the download of a zip file that includes a Golang backdoor, which was covered in a great blog post here: https://dmpdump.github.io/posts/North...
Related X/Twitter thread which includes IOCs: https://x.com/L0Psec/status/199234807...