PANews
PANews|Jan 22, 2026 10:51
[North Korean Hackers Exploit Fake Job Interviews to Target Over 3,100 AI, Crypto, and Financial Company-Related IP Addresses] According to Cryptopolitan, the latest research by security firm Recorded Future reveals that the North Korea-linked hacker group PurpleBravo has launched cyber-espionage activities targeting over 3,100 IP addresses associated with artificial intelligence, cryptocurrency, and financial services companies through fake job interviews. The group poses as recruiters or developers, luring targets into executing malicious code under the guise of technical interviews. The attackers claim to be from crypto or tech companies, asking job seekers to review code, clone repositories, or complete programming tasks. Security researchers have identified 20 victim organizations across regions such as South Asia and North America. The group uses multiple aliases and disguises itself with fake identities from Odessa, Ukraine. The attacks involve remote access trojans like PylangGhost and GolangGhost, which can automatically steal browser credentials and cookies. The hackers also host their malware servers through malicious GitHub repositories, Astrill VPN, and 17 service providers. Additionally, investigations uncovered related Telegram channels selling LinkedIn and Upwork accounts, and the attackers were found to have interacted with the cryptocurrency trading platform MEXC Exchange.
+4
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads