Particle.news
Download on the App Store
5 ARTICLES
·
4d ago

FBI Warns as New Research Exposes North Korean ‘Contagious Interview’ Crypto Recruiting Scam

Fresh evidence details a pervasive, well-crafted ruse that hiring platforms and crypto firms have struggled to shut down.

Cryptocurrency Bitcoin shopping cart
Olof Haglund, a Stockholm-based entrepreneur, poses for a photo in Stockholm, Sweden, September 2, 2025. REUTERS/Marie Mannes
Military Cyber Hack From North Koreans 3d Illustration. Shows Attack By North Korea And Confrontation Or Online Cybercrime Security Virus Vs America
Image

Overview

  • SentinelOne and Validin linked the operation to North Korean actors using IP and email overlaps, a cluster previously labeled “Contagious Interview” by Palo Alto Networks.
  • Researchers found exposed logs listing more than 230 targets from January to March, spanning coders, executives, consultants, marketers and others in the crypto ecosystem.
  • Impersonators approached victims on LinkedIn or Telegram, steered them to obscure testing sites and custom video tools, and then installed malware or siphoned funds.
  • The FBI issued a fresh alert warning of highly tailored social engineering against employees at cryptocurrency and decentralized finance firms.
  • Robinhood said it disabled domains tied to the scam, LinkedIn said fake recruiter accounts were actioned, Telegram said it removes scams, and Chainalysis estimated $1.34 billion stolen last year as North Korea denies involvement.