North Korean hackers target cryptocurrency developers through open-source software platforms

Jinse Finance reported that a U.S. cybersecurity company stated North Korean hackers have turned one of the world's most widely used software libraries into a vehicle for spreading malware. In a report released last week, researchers from supply chain security company Socket said they discovered more than 300 malicious code packages uploaded to the npm registry—a central code repository where millions of developers share and install JavaScript software. These packages (small, reusable code snippets widely used in everything from websites to cryptocurrency applications) are designed to appear harmless. However, once downloaded, they implant malware capable of stealing passwords, browser data, and cryptocurrency wallet keys. Socket stated that this campaign, which it named "Contagious Interview," is part of a sophisticated operation carried out by North Korean state-sponsored hacker groups. These hackers pose as tech recruiters and specifically target developers in blockchain, Web3, and related fields.