{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreifb62wb3ecef57nshtncjhxdut36xcqdlhj2ww35gq7db4lzyuiy4",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mfj3wiiju2x2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreift34zlsxycfwfzjbbsrnbwb4x7xas4l6ybqmcrbkezrfwsr2eqde"
    },
    "mimeType": "image/jpeg",
    "size": 80918
  },
  "path": "/contagious-interview-north-korean-hackers-target-crypto-devs-with-fake-job-npm-malware/",
  "publishedAt": "2026-02-23T06:55:08.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "Contagious Interview: North Korean Hackers Target Crypto Devs with Fake Job NPM Malware",
    "VPN Central"
  ],
  "textContent": "North Korean actors execute Contagious Interview campaign targeting cryptocurrency, Web3, and AI developers. Fake job assessments deliver trojanized NPM packages installing BeaverTail and InvisibleFerret backdoors. Malware surgically replaces MetaMask extensions stealing wallet credentials. Threat actors hide JavaScript payloads in technical interview challenges. Developers execute malicious code during skills tests. Initial beacon contacts C2 retrieving encoded […]\n\nThe post Contagious Interview: North Korean Hackers Target Crypto Devs with Fake Job NPM Malware appeared first on VPN Central.",
  "title": "Contagious Interview: North Korean Hackers Target Crypto Devs with Fake Job NPM Malware"
}