
North Korean Hackers Adopt Infostealer Spreading Tactics in Latest Campaign

ID: cb7cda31-b35f-502e-b337-b041b5b9cda2

STIX ID: report--cb7cda31-b35f-502e-b337-b041b5b9cda2

Feed Name: infostealers.com

Threat Score: 78/100

Date Published: 2024-12-28

Date Updated: 2026-04-28

Author: Alon Gal


This report describes a North Korean-associated campaign that impersonates recruiters on LinkedIn to lure victims into staged interviews. The operators then instruct the victims to run troubleshooting terminal commands that download multi-platform malware. The malware steals cryptocurrency (approximately $64,000 observed). The report includes domain and script IOCs, multiple on-chain wallet addresses, and mitigation recommendations.
