ReversingLabs researchers have identified new, malicious software packages believe to be linked to a campaign, VMConnect, that our team first identified in August 2023 and which has ties to the North Korean hacking team Lazarus Group. The new samples were tracked to GitHub projects that have been linked to previous, targeted attacks in which developers are lured using fake job interviews. Furthermore, information gathered from the detected samples allowed us to identify one compromised developer and provided insights into an ongoing campaign, with attackers posing as employees of major financial services firms.
The post Fake recruiter coding tests target devs with malicious Python packages appeared first on Security Boulevard.
This article has been indexed from Security Boulevard