
Work from home, malware included.
From Only Malware in the Building by DISCARDED | N2K Networks
August 5, 2025 · 32 min · Season 2 · Episode 14
About this episode
The episode discusses social engineering attacks linked to North Korean threat actors posing as tech recruiters to distribute malware.
Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is Selena Larson, Proofpoint intelligence analyst and host of their podcast DISCARDED. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is joined by her co-hosts N2K Networks Dave Bittner and Keith Mularski, former FBI cybercrime investigator and now Chief Global Ambassador at Qintel. Being a security researcher is a bit like being a detective: you gather clues, analyze the evidence, and consult the experts to solve the cyber puzzle. On this episode, our three hosts discuss several articles covering a new wave of social engineering attacks tied to the so-called Contagious Interview campaign. In this operation, threat actors linked to North Korea are reportedly posing as tech recruiters to trick job seekers into downloading malware. The discussion highlights updates to two malware strains—BeaverTail and InvisibleFerret—that have been retooled with cross-platform capabilities and new data theft features, raising fresh concerns about how targeted…
People in this episode
Host: Selena Larson
Guests: Dave Bittner, Keith Mularski
Topics covered
- malware
- social engineering
- cybersecurity
- job scams
- North Korea
- tech recruitment
Keywords
- malware
- social engineering
- Contagious Interview
- BeaverTail
- InvisibleFerret
- cybercrime
- job seekers
- North Korea
Mentioned in this episode
Organizations: Proofpoint, N2K Networks, Qintel, Lazarus Group
Products: BeaverTail, InvisibleFerret
Places: North Korea, New York
More episodes of Only Malware in the Building
- Trusting the wrong package. · June 2, 2026 · 47 min
- Mythbehavior under investigation. · May 5, 2026 · 45 min
- Who’s logging in? · April 7, 2026 · 43 min
- AI swarms and cyber alarms. · March 10, 2026 · 52 min
- When legit is the trick: Phishing’s sneaky new moves. · February 3, 2026 · 40 min
- Poisoned at the source. · January 6, 2026 · 45 min
Explore listener stats, chart rankings, contacts and more on the Only Malware in the Building podcast page.