Lazarus Group Deploys Malware With ClickFix Scam in Fake Job Interviews

North Korea’s Lazarus Group uses the ClickFix scam in fake crypto job interviews to deploy malware, steal data, and fund the regime’s programs.

A recent investigation by SentinelLABS and internet intelligence platform Validin reveals that North Korean threat actors behind the Contagious Interview campaign are actively abusing public cybersecurity platforms like Validin, Maltrail, and VirusTotal to improve their malicious activities.

The Contagious Interview campaign, active since at least 2023, targets job seekers in the cryptocurrency and blockchain industries. The goal is to steal money, which helps North Korea’s sanctioned economy and funds its missile programs. It is widely assessed to be a component of the larger Lazarus Group, a state-sponsored entity focused on generating revenue for North Korea.

The research, shared with Hackread.com, reveals that hackers use these platforms, which are designed to help cybersecurity professionals track threats, to monitor their own domains and avoid detection ...