Fake Job Interviews Target Developers With New Python Backdoor

An anonymous reader quotes a report from BleepingComputer: A new campaign tracked as 'Dev Popper' is targeting software developers with fake job interviews in an attempt to trick them into installing a Python remote access trojan (RAT). The developers are asked to perform tasks supposedly related to the interview, like downloading and running code from GitHub, in an effort to make the entire process appear legitimate. However, the threat actor's goal is make their targets download malicious software that gathers system information and enables remote access to the host. According to Securonix analysts, the campaign is likely orchestrated by North Korean threat actors based on the observed tactics. The connections are not strong enough for attribution, though.

Although the perpetrators of the Dev Popper attack aren't known, the tactic of using job lures as bait to infect people with malware is still prevalent, so people should remain vigilant of the risks. The researchers note that the method 'exploits the developer's professional engagement and trust in the job application process, where refusal to perform the interviewer's actions could compromise the job opportunity,' which makes it very effective.

Read more of this story at Slashdot.