DeceptiveDevelopment targets freelance developers.
(www.welivesecurity.com)
from Cat@ponder.cat to cybersecurity@sh.itjust.works on 21 Feb 19:07
https://ponder.cat/post/1722295
from Cat@ponder.cat to cybersecurity@sh.itjust.works on 21 Feb 19:07
https://ponder.cat/post/1722295
- DeceptiveDevelopment targets freelance software developers through spearphishing on job-hunting and freelancing sites, aiming to steal cryptocurrency wallets and login information from browsers and password managers.
- Active since at least November 2023, this operation primarily uses two malware families – BeaverTail (infostealer, downloader) and InvisibleFerret (infostealer, RAT).
- DeceptiveDevelopment’s tactics, techniques, and procedures (TTPs) are similar to several other known North Korea-aligned operations.
threaded - newest