North Korean hacker group PurpleBravo has launched attacks on over 3,100 IPs in the AI and crypto industries
Foresight News reported, according to monitoring by Insikt Group, that the North Korean state-sponsored hacker group PurpleBravo (overlapping with the "Contagious Interview" campaign) launched attacks on 3,136 unique IP addresses involved in AI, cryptocurrency, financial services, and IT development fields between August 2024 and September 2025. The group lured developers into executing malicious code on company devices by impersonating fake LinkedIn recruiters, conducting interview programming tests, and using malicious GitHub repositories.
PurpleBravo's toolkit includes the JavaScript information stealer BeaverTail, as well as the cross-platform remote access trojans PyLangGhost and GolangGhost, which are designed to steal browser credentials and cryptocurrency wallet information. Investigations revealed that the group manages its command and control servers via Astrill VPN and IP addresses located in China. Insikt Group emphasized that since the main targets are IT services and personnel outsourcing industries, such attacks could pose serious software supply chain risks to downstream clients.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Data: 100 BTC transferred out from Cumberland DRW, worth approximately $8.81 million
The US dollar crisis may prompt renewed favor for Bitcoin
The number of non-empty Ethereum wallets surpasses 175.5 millions, setting a new record
Trending news
MoreCrypto prices
More
