Inside DPRK's Fake Job Platform Targeting U.S. AI Talent

Description

This analysis details a sophisticated DPRK-linked operation called Contagious Interview, which uses a fake job platform to target U.S. AI talent. The campaign mimics legitimate recruitment processes, offering job listings from well-known tech companies to lure victims. The platform, hosted at lenvny[.]com, is designed to appear as a legitimate AI-powered interview tool. It employs various techniques to establish credibility, including professional design, fake testimonials, and comparisons with real companies. The attack culminates in a malware delivery through a clipboard hijacking technique, triggered when victims attempt to record a video introduction. This operation specifically targets high-value professionals in AI and cryptocurrency sectors, aiming to gain access to strategic information and financial assets.