Contagious Interview
Contagious Interview is a North Korea–aligned threat group active since 2023. The group conducts both cyberespionage and financially motivated operations, including the theft of cryptocurrency and user credentials. Contagious Interview targets Windows, Linux, and macOS systems, with a particular focus on individuals engaged in software development and cryptocurrency-related activities.
Attribution signal
?Score = mentions × confidence weight, summed across all attributed sources. Higher source diversity increases the score.≥ 10 High≥ 3 Moderate< 3 LowAttribution signals
3 mentions · 3 sources"sophisticated state-sponsored groups such as BlueDelta (aka APT28 ) and the North Korean group PurpleBravo"
"Lazarus and DeceptiveDevelopment continued to invest in long-term relationship building with high-value targets"
"The activity has similarities to another North Korean group called Contagious Interview; however, there is no direct overlap in Proofpoint telemetry so Proofpoint Threat Research tracks this activity as a distinct cluster."
Hedge terms observed