I was targeted by a fake job interview on Wellfound. Instead of becoming a victim I reverse-engineered the malware. Here's the full analysis: 571 encrypted config values decrypted, C2 and Sentry DSN exposed, DPRK/Contagious Interview attribution.

North Korean hackers abuse LNKs and GitHub repos in ongoing campaign

$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation

Exposed DPRK reference malware and logs

DPRK tests Google Drive as a malware stager

Tracking DPRK operator IPs over time

Novel DPRK stager using Pastebin and text steganography