North Korean hackers use fake recruitment tests to target cryptocurrency developers

Golden Finance reports that a North Korean hacker group is targeting cryptocurrency developers through false recruitment tests. Hackers disguise themselves as recruiters on LinkedIn and send programming test questions containing malicious code to developers. Once the files are opened, they will install stolen software, endangering the security of the victim's system. According to Hakan Unal, the head of Cyvers Advanced Security Operations Center, hackers mainly intend to steal developer credentials and access code, including cloud configurations, SSH keys, system metadata, and wallet access permissions. The attack was carried out by the North Korean hacker group Slow Pisces (also known as Jade Sleet). Security experts advise developers to remain vigilant against unsolicited job opportunities with excessively favorable conditions.