While some Americans are nervous about North Korea getting the bomb, it turns out they have already found ways to attack some of us in North America. They’re doing it through a state-sponsored cyberattack group known as PurpleBravo – and their weapon of choice is phony job interviews.

This gets a little twisted, so we’ll try to walk you through it.

The campaign is known as the Contagious Interview cluster. PurpleBravo has targeted more than 3,000 individual IP addresses – mainly in North America and South Asia – by posing as personnel recruiters.

Once a target bites on the lure, PurpleBravo steals browser credentials, cryptocurrency wallet information, and more through tools like BeaverTail (a JavaScript infostealer) and remote access trojans such as PyLangGhost and GolangGhost.

Apparently the fake recruiters are tricking individuals who are genuinely searching for jobs into taking coding tests right on their existing work computers. As they take these tests, they are executing malicious code on their corporate devices – and now the entire company is exposed.

PurpleBravo appears to be targeting companies in AI, cryptocurrency, financial services, IT services, marketing and software development.

So if your employees are willing to do job-searching on the computer you provided them to do work for you, they might be exposing your company to these attacks.

Now, we’ll give you a second to work through this in your head: “Surely my employees wouldn’t be job-seeking on my time and my dime!”

OK. We’re sure you’re right.

But just in case you’re not, understand how easy it is for anyone to get tricked by these fake coding tests from fake recruiters.

They have their own fake LinkedIn personas, purportedly based in Ukraine, and come across to jobseekers as completely legitimate.

Why should someone looking for another job give it a second thought? They probably figure they have nothing to lose by adding their name to some recruiter’s database. Even if the recruiter is fake, so what? They just want a new job.

But it could be a disaster for your company if they fall for this.

You need to educate your employees about this.

Granted, few if any of them will admit they’re looking for a new job – and certainly won’t admit they’re using company-issued computers to do it. But you can’t make that an issue.

Don’t ask them to admit they’re doing it. Just let them know what can happen if they fall for this scam.

Some of them might think you’re making it up to keep them from looking for another job, but if you show them studies like this one and news reports like this one, they might realize how big a problem this is.

We’ve helped many companies train their employees on how to spot cyberattacks, so we’ll be glad to play a role if you’d like. But you’ve got to get a handle on it before Kim Jong Un and friends end up stealing your log-in data and your crypto accounts.

For any and all of your cyber needs, we’re here to help. Make sure you’re shored up and contact us today.