lazarus.day
Actors
Reports
Incidents
IoCs
Analytics
Actors
Reports
Incidents
IoCs
Support
#InvisibleFerret
Malware
2023-11-21 •
Hacking Employers and Seeking Employment: Two Job-Related Campaigns Bear Hallmarks of North Korean Threat Actors
Share:
34
Tagged Reports
29
Unique Authors
945
Active Days
Tagged Reports
2026-06-22
Melted In Hex
Dead Drops on the Blockchain: Reversing a DPRK npm Loader (PolinRider / A6-Shadow-15)
#Lazarus
#PolinRider
#BeaverTail
#InvisibleFerret
#NPM
#EtherHiding
2026-05-22
Trend Micro
Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware
#InvisibleFerret
#VoidDokkaebi
2026-05-14
Open Source Malware
How malware abuses npm lifecycle scripts and VS Code tasks
#NPM
#VSCode
#Lazarus
#ContagiousInterview
#BeaverTail
#InvisibleFerret
#TasksJacker
#Axios
2026-04-01
Break Glass Intelligence
Two IOCs In, Five C2 Servers Out: Mapping DPRK's Contagious Interview Campaign From InvisibleFerret to a Kimsuky Crossover
#ClickFix
#ContagiousInterview
#InvisibleFerret
#Kimsuky
2026-03-11
Microsoft
Contagious Interview: Malware delivered through fake developer job interviews
#ContagiousInterview
#InvisibleFerret
#OtterCookie
#VSCode
2026-02-15
unpacker
Beyond the Backdoor: How Contagious Interview Is Surgically Tampering with MetaMask Wallets
#BeaverTail
#ContagiousInterview
#InvisibleFerret
#NPM
2025-11-19
Gen Digital
Alliances of convenience: How APTs are beginning to work together
#InvisibleFerret
#Lazarus
2025-11-13
NVISO
Contagious Interview Actors Now Utilize JSON Storage Services for Malware Delivery
#ContagiousInterview
#InvisibleFerret
2025-09-25
ESET
DeceptiveDevelopment: From primitive crypto theft to sophisticated AI-based deception
#DeceptiveDevelopment
#BeaverTail
#ClickFix
#InvisibleFerret
#Tropidoor
#Tsunami
#T1585.001
#T1078
#T1589
#T1204.001
#T1055
#T1566.001
#T1036
#T1497
#T1027
#T1204.002
#T1566.002
#T1056.001
#T1586
#T1105
#T1071.001
#T1059
2025-09-10
Any Run
Lazarus Group Attacks in 2025: Overview for SOC Teams
#ContagiousInterview
#ITWorker
#InvisibleFerret
#Lazarus
#OtterCookie
#PylangGhost
2025-08-09
Birmingham Cyber
North Koreas Fur Shop: Poaching for OTTERS, Beavers, Ferrets AND Capybaras
#BeaverTail
#InvisibleFerret
#Lazarus
#OtterCookie
#Slides
2025-07-26
Bloo
InvisibleFerret Threat Intelligence Report
#ContagiousInterview
#InvisibleFerret
#T1562.001
#T1016
#T1027
#T1566.003
#T1560.001
#T1543.003
#T1082
#T1059.003
#T1567.002
#T1041
#T1219
#T1578
#T1204.002
#T1571
#T1071.001
#T1195.002
#T1115
#T1083
#T1555.003
#T1056.001
2025-05-27
Alessio Di Santo
Lazarus Group Targets Crypto-Wallets and Financial Data while employing new Tradecrafts
#BeaverTail
#InvisibleFerret
#Lazarus
2025-05-09
Wazuh
Detecting and responding to InvisibleFerret with Wazuh
#InvisibleFerret
#T1107
#T1044
#T1485
#T1043
#T1204.002
2025-04-24
Silentpush
Contagious Interview (DPRK) Launches a New Campaign Creating Three Front Companies to Deliver a Trio of Malware
#BeaverTail
#ContagiousInterview
#InvisibleFerret
#OtterCookie
#FamousChollima
#ClickFix
1
2
3
»
« Back