The North Korea-based DEV#POPPER campaign is back, with an updated malware and social engineering arsenal that it's using to target software developers worldwide for data theft. "Based on the malware used, its primary purpose is theft. Targeting Developers With Social EngineeringTo lure in their victims, DEV#POPPER threat actors pose as interviewers looking to hire software developers for nonexistent positions. The latter includes a fresh main function, dubbed "M," which orchestrates data extraction and code execution on different operating systems. "Considering the information stolen, the threat actors would almost immediately have access to all of the user's active browser sessions, cookies, and passwords.
