"Fake Job Interviews Target Developers With New Python Backdoor"

A new campaign called "Dev Popper" is using fake job interviews to trick software developers into installing a Python Remote Access Trojan (RAT). To make the interview seem legitimate, developers are asked to download and run code from GitHub. The threat actor wants their targets to download malicious software that collects system information and allows remote access. Based on the observed tactics, Securonix analysts believe North Korean threat actors are behind the campaign, but the links are not strong enough for attribution. Dev Popper attacks involve a multi-stage infection chain based on social engineering, to trick targets through progressive compromise. This article continues to discuss findings regarding the Dev Popper campaign. 

Bleeping Computer reports "Fake Job Interviews Target Developers With New Python Backdoor"

Submitted by grigby1

 

Submitted by Gregory Rigby on