I was only on my 10th espresso, just finishing up reading about Iran this morning, and I hadn’t even clicked refresh before this gem landed. North Korea’s Contagious Interview crew just dropped 26 fresh malicious packages into the npm registry, and per The Hacker News reporting from March 2, these little bastards are clever enough that I need you to sit down and pay attention.
I’ve been watching this campaign for months. It doesn’t stop. It doesn’t slow down. North Korean state hackers are running what is effectively a malware manufacturing operation targeting software developers, and the supply chain they’re exploiting is the same one your developers use every single day without a second thought.
What Actually Dropped
According to The Hacker News, cybersecurity researchers disclosed a new wave of the ongoing Contagious Interview campaign on March 2, 2026. Twenty-six malicious packages published to the npm registry. C2 infrastructure hosted on Vercel — thirty-one deployments — using Pastebin as a “dead drop resolver.” That last part is worth explaining, because it’s genuinely nasty.
Here’s how it works: the malicious package doesn’t hardcode a C2 server address. That would be too easy to detect. Instead, it fetches a Pastebin page — completely innocuous, just a text file, nothing obviously malicious — and extracts the actual command-and-control server address from that content. So your security tools scan the package, see it fetching a Pastebin URL, shrug, and wave it through. The actual C2 communication only starts after that lookup.
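Here is the kind of check that catches the pattern described above. It is an added example, not code from the article or from Socket: a static heuristic that flags package source which fetches a paste-site URL and then opens a network connection to a destination computed at runtime. DEAD_DROP_HOSTS is an assumed starter list, and the two sample snippets are constructed for illustration (PLACEHOLDER is not a real paste id).

```javascript
// Added example (not the article's or Socket's code): flag the "dead drop resolver"
// pattern: fetch a paste-site URL, then dial a destination that is not a string literal.
// DEAD_DROP_HOSTS is an assumed starter list, not a complete one.
const DEAD_DROP_HOSTS = ['pastebin.com', 'paste.ee', 'gist.githubusercontent.com'];

// Any http(s) URL in the source; group 1 is the host part.
const URL_RE = /https?:\/\/([a-z0-9.-]+)[^\s'"`)]*/gi;
// Common Node.js network calls; group 1 is the raw text of the first argument.
const NET_CALL_RE = /\b(?:fetch|axios\.get|https?\.get|https?\.request|net\.connect|net\.createConnection)\s*\(\s*([^)]*)\)/g;

function findDeadDropUrls(src) {
  const hits = [];
  for (const m of src.matchAll(URL_RE)) {
    const host = m[1].toLowerCase();
    if (DEAD_DROP_HOSTS.some(h => host === h || host.endsWith('.' + h))) hits.push(m[0]);
  }
  return hits;
}

// True when some network call's destination is computed at runtime (variable, object,
// template with ${...}, or concatenation) rather than written as a plain string literal.
function hasDynamicNetworkCall(src) {
  for (const m of src.matchAll(NET_CALL_RE)) {
    const arg = m[1].trim();
    const isPlainLiteral = /^['"`]/.test(arg) && !arg.includes('${') && !arg.includes('+');
    if (!isPlainLiteral) return true;
  }
  return false;
}

function scanSource(src) {
  const deadDropUrls = findDeadDropUrls(src);
  const dynamicNetworkCall = hasDynamicNetworkCall(src);
  // Both together is the signature: resolve a destination from a paste, then connect to it.
  return { deadDropUrls, dynamicNetworkCall, suspicious: deadDropUrls.length > 0 && dynamicNetworkCall };
}

// Constructed samples for illustration only; PLACEHOLDER is not a real paste id.
const SAMPLE_SUSPICIOUS = [
  "const res = await fetch('https://pastebin.com/raw/PLACEHOLDER');",
  "const c2 = (await res.text()).trim();",
  "net.connect({ host: c2, port: 1244 });",
].join('\n');
const SAMPLE_BENIGN = "const res = await fetch('https://registry.npmjs.org/-/ping');";

console.log(scanSource(SAMPLE_SUSPICIOUS), scanSource(SAMPLE_BENIGN));
```

Run it over every .js file in an unpacked package tarball before install; a hit is a reason to read the code, not proof of malice, since some legitimate tools also pull config from paste sites.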
The malware deployed includes nine modules. Nine. This isn’t a quick credential grabber — it’s a comprehensive intelligence collection platform. According to The Hacker News and the Socket research team that’s been tracking this campaign, the modules handle:
- clip: Keylogger, mouse tracker, clipboard stealer with active window tracking. Exfiltrates every 10 minutes. You type your AWS credentials once and they’re gone.
- bro: Python payload for browser credential store theft
- j: Node.js module stealing from Chrome, Brave, Firefox, Opera, Edge — plus MetaMask, Phantom, Coinbase Wallet, Binance, Trust, Exodus, Keplr. Yes, every major crypto wallet extension you can name.
- VS Code persistence (so it survives reboots and reinstalls)
- TruffleHog secret scanning (automatically hunts for API keys and secrets in your codebase)
- Git repository exfiltration
- SSH key theft
- iCloud Keychain access on macOS
And the C2 connects on port 1244 to execute arbitrary shell commands. So once you’ve installed one of these packages, you’ve handed a North Korean state operator a full shell on your developer workstation. Your CI/CD pipeline. Your build environment. Everything downstream of that developer.
Why This Keeps Working
Because we haven’t fixed the underlying problem, and the industry keeps pretending we have.
The Contagious Interview campaign has been running for years. Not months. Years. The attack vector is not novel. “Fake interview, install this package, get owned” — security researchers have been documenting this since at least 2023. And yet here we are in March 2026, and North Korean hackers are still publishing packages that get downloaded thousands of times before anyone notices.
Per SecurityBuzz’s coverage of the campaign’s December 2025 wave, the packages had been downloaded over 31,000 times across one wave alone. Thirty-one thousand. That’s not a handful of careless developers. That’s a systemic failure in how we think about dependency trust.
The packages use realistic naming conventions. They blend into search results. They pass initial review because they appear to do what they claim. The social engineering component — fake job outreach, recruiter messages, take-home coding tests — gets developers to install the specific package as part of a fake interview workflow. Collin Hogue-Spears from Black Duck put it bluntly: “Treat npm as a trusted channel by default, and you’ve effectively given them a free CI/CD pipeline into your developer endpoints.”
That’s exactly right, and nobody wants to hear it because it means actually changing how your development pipelines operate.
The Cryptocurrency Target Is Not Coincidental
North Korea steals cryptocurrency to fund its weapons programs. This is established fact, not speculation. The Lazarus Group has looted billions from crypto platforms. The Contagious Interview campaign targets developers specifically because developers often hold crypto wallets, have access to crypto infrastructure, and have elevated privileges inside their organisations’ cloud environments.
My post on Lazarus going RaaS and renting Medusa to hit US hospitals covers how North Korean operators have diversified their revenue streams. The npm campaign feeds the same machine. A single developer endpoint can open pathways into entire organisations, cloud environments, and financial infrastructure. One infected workstation in a fintech startup is worth far more to them than the developer’s personal MetaMask.
And I wrote about APT37 jumping air gaps with USB drives and Zoho — different DPRK unit, same strategic patience. These operators plan for the long game. The VS Code persistence module in this malware isn’t there so they can grab your GitHub tokens today. It’s there so they can sit in your environment for months, understand your infrastructure, and eventually do something that actually hurts.
What Actually Went Wrong
Let’s do the root cause analysis properly, because “developers are careless” is a lazy answer and I’m tired of lazy answers.
Problem 1: npm doesn’t require identity verification with teeth. You can publish packages under any name. Typosquatting is trivially easy. The registry’s abuse detection is reactive, not proactive. By the time a package gets flagged and removed, it’s been downloaded thousands of times. This isn’t new information, and npm and the OpenJS Foundation have made incremental improvements, but they haven’t solved the fundamental trust problem.
Problem 2: Development pipelines trust upstream dependencies by default. Your developers run npm install and something executes. That’s the mental model. The “install, it runs” paradigm has been normal for so long that nobody questions it. But in the current threat environment, that’s catastrophically naive. Every package installation is a potential code execution event on a trusted system.
Problem 3: Developer endpoints are not treated as high-value targets. Your developer’s workstation has access to production secrets, cloud credentials, source code, build systems, and often direct deployment capabilities. From an attacker’s perspective, that’s more valuable than most servers. But most organisations’ EDR policies, network monitoring, and access controls treat developer machines as basically normal endpoints. They’re not.
Problem 4: The social engineering piece bypasses technical controls entirely. When a developer receives a fake recruiter message with a “take-home coding test” that involves installing a specific package, no amount of npm reputation scoring helps. The human accepted the package. Your technical controls didn’t fail. Your security awareness programme did.
Fixer’s Advice — Actually Fix This
This one has concrete mitigations, and none of them require you to buy anything.
Audit your npm dependencies. Not eventually. Run a tool like Socket.dev or Snyk across your dependency tree today. Look for packages with low download counts, recently published, with names that closely resemble popular packages. That’s your hunting ground.
Lock your package versions. Use package-lock.json or yarn.lock religiously. Don’t allow floating version ranges in production dependencies. If a package updates and you haven’t reviewed it, you shouldn’t be running it.
Implement dependency review in your CI/CD pipeline. GitHub has a built-in dependency review action. Use it. It’s free. It flags newly added or updated dependencies with known vulnerabilities.
Treat developer endpoints like servers. EDR. Network monitoring. Log collection. MFA on everything. If a developer’s workstation gets owned, your blast radius should be limited by least-privilege access — not because you got lucky.
Brief your developers on the fake-interview vector. This is the part that requires zero technical tools and has enormous impact. Your developers need to know: if a “recruiter” sends you a coding test that requires installing an npm package you’ve never heard of, that is a social engineering attack. Full stop.
I’ve been screaming about the human element of security failures for years — my piece on the human clusterfuck in cybersecurity covers exactly why technical controls alone will never be enough when the attacker’s primary vector is human trust.
Use private registries with allowlisting. For production builds, consider maintaining a private npm mirror that only includes packages you’ve explicitly reviewed and approved. Yes, this adds operational overhead. No, it’s not optional if you’re a fintech, healthcare company, or anything where a supply chain compromise would be catastrophic.
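A concrete starting point for the audit and version-locking advice above, as an added example rather than the article’s own tooling: a pre-merge check over package.json that flags floating version ranges in production dependencies and dependency names within edit distance 2 of a popular package (lookalike and typosquat candidates). POPULAR is an assumed starter list; in practice feed it your approved-package inventory. The sample manifest is constructed and names no real package beyond the well-known ones in the list.

```javascript
// Added example (not from the article): flag floating ranges and lookalike names in
// package.json. POPULAR is an assumed starter list; use your own approved inventory.
const POPULAR = ['express', 'lodash', 'react', 'axios', 'chalk', 'commander'];

// Exact pins look like "1.2.3" (optionally with prerelease/build suffix);
// anything else (^, ~, *, latest, >=, git URLs) floats and should not ship.
function isFloating(range) {
  return !/^\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$/.test(range.trim());
}

// Levenshtein distance, used to spot names one or two typos away from a popular package.
function editDistance(a, b) {
  const d = Array.from({ length: a.length + 1 }, (_, i) => [i]);
  for (let j = 1; j <= b.length; j++) d[0][j] = j;
  for (let i = 1; i <= a.length; i++)
    for (let j = 1; j <= b.length; j++)
      d[i][j] = Math.min(d[i - 1][j] + 1, d[i][j - 1] + 1,
                         d[i - 1][j - 1] + (a[i - 1] === b[j - 1] ? 0 : 1));
  return d[a.length][b.length];
}

// Returns the popular package a name resembles (but is not), or null.
function lookalikeOf(name, popular = POPULAR) {
  const bare = name.replace(/^@[^/]+\//, ''); // drop an npm scope prefix
  return popular.find(p => p !== bare && editDistance(bare, p) <= 2) || null;
}

function auditManifest(pkg, popular = POPULAR) {
  const findings = [];
  for (const [name, range] of Object.entries(pkg.dependencies || {})) {
    if (isFloating(range)) findings.push({ name, issue: 'floating-range', detail: range });
    const near = lookalikeOf(name, popular);
    if (near) findings.push({ name, issue: 'lookalike', detail: near });
  }
  return findings;
}

// Constructed sample manifest (not a real project).
const SAMPLE_PKG = {
  name: 'example-app',
  dependencies: { express: '4.19.2', expres: '^1.0.0', lodahs: '1.0.0', chalk: '~5.3.0' },
};

console.log(auditManifest(SAMPLE_PKG));
```

Wire it into CI so a non-empty findings list fails the build; the lookalike check is a prompt for a human to confirm the package is the one they meant, not a verdict.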
The Strategic Picture
The CrowdStrike 2026 Threat Report noted 27-second breakout times and AI-enabled malware. The IBM X-Force report called out AI turbocharging attackers while basics still suck. North Korea’s Contagious Interview campaign is the operational expression of both those trends: disciplined, persistent, technically sophisticated, targeting the weakest point in your supply chain, and running continuously.
This campaign won’t stop when these 26 packages get taken down. There will be 26 more. There have been hundreds before them. GitLab published threat intelligence in February 2026 specifically about North Korea’s fake IT worker and Contagious Interview tradecraft, and it’s still going. It will keep going because it works, because developer endpoints are under-protected, and because the upstream registries can’t keep up.
The only answer is to stop trusting what you haven’t verified.
