Tenacious Pungsan: A DPRK threat actor linked to Contagious Interview
Contents
Key points and observations
- In September 2024, Datadog Security Research discovered three malicious npm packages:
passports-js
,bcrypts-js
, andblockscan-api
. - These packages had a combined 323 downloads and contained samples of BeaverTail malware, a family of JavaScript infostealers and downloaders used by threat actors associated with Democratic Peopleâs Republic of Korea (DPRK, also referred to as North Korea).
- Reporting from Palo Alto Networks Unit 42 has associated BeaverTail with an ongoing campaign named Contagious Interview, which targets job-seekers in the US tech industry. Victims are encouraged to participate in a fictitious job interview, during which the BeaverTail malware is delivered as part of an interview task.
- Datadog Security Research has linked the samples presented in this blog to Contagious Interview and attributes them to a single threat actor which we designate âTenacious Pungsan.â (We align nation-state threat actor clusters with their national breeds, and the Pungsan is a dog native to North Korea.)
Background
In …
- In September 2024, Datadog Security Research discovered three malicious npm packages:
passports-js
,bcrypts-js
, andblockscan-api
. - These packages had a combined 323 downloads and contained samples of BeaverTail malware, a family of JavaScript infostealers and downloaders used by threat actors associated with Democratic Peopleâs Republic of Korea (DPRK, also referred to as North Korea).
- Reporting from Palo Alto Networks Unit 42 has associated BeaverTail with an ongoing campaign named Contagious Interview, which targets job-seekers in the US tech industry. Victims are encouraged to participate in a fictitious job interview, during which the BeaverTail malware is delivered as part of an interview task.
- Datadog Security Research has linked the samples presented in this blog to Contagious Interview and attributes them to a single threat actor which we designate âTenacious Pungsan.â (We align nation-state threat actor clusters with their national breeds, and the Pungsan is a dog native to North Korea.)
Background
In …