North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners on developer systems.

The Tidyverse Blog offers insights, tutorials, and updates on the Tidyverse, a collection of R packages for data science and statistical computing. Covering topics such as data manipulation, visualization, and analysis, the blog provides resources for R developers looking to leverage the power of the Tidyverse for their data projects. Developers can learn how to use Tidyverse packages effectively to clean, transform, and analyze data in R.

The Hacker News

North Korean threat actors are exploiting VS Code task configuration files in fake job assessment projects to deploy backdoors and malware on developer systems. The attack involves tricking developers into cloning malicious repositories and opening them in VS Code, which automatically executes hidden payloads when the project folder is opened. The campaign has evolved to include multiple fallback mechanisms, including malicious npm packages and obfuscated JavaScript that establishes persistent backdoors, deploys cryptocurrency miners, and enables remote code execution. The attacks primarily target developers in cryptocurrency, blockchain, and fintech sectors who have access to valuable financial assets and infrastructure.

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects