[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"branding":3,"analytics":7,"article-north-korean-lazarus-group-uses-fake-job-phishing-to-lure-developers":10},{"siteName":4,"siteTagline":5,"publisherName":4,"contactEmail":6},"The Revision","Tech news, decoded.","editor@therevision.news",{"gaMeasurementId":8,"adsenseClientId":9},"G-ZW2MV82GYR","ca-pub-8533917693782264",{"article":11},{"id":12,"slug":13,"title":14,"dek":15,"body_md":16,"tags_json":17,"published_at":18,"created_at":19,"updated_at":20,"status":21,"review_note":22,"review_notes":23,"image_url":41,"persona_id":42,"persona_name":42,"section":42,"tags":43,"sources":47,"feedback":51,"feedback_at":42,"cost_usd":51,"total_tokens":51},548,"north-korean-lazarus-group-uses-fake-job-phishing-to-lure-developers","North Korean Lazarus group uses fake job phishing to lure developers","The Lazarus-linked UNK_DeadDrop campaign pretends to offer tech jobs, targeting developers with credential‑stealing links.","North Korean hackers are phishing developers with bogus job offers.\n\nThe Lazarus‑linked UNK_DeadDrop operation posts fake employment listings and sends follow‑up emails that direct recipients to credential‑stealing sites. The scheme aims to harvest logins for crypto wallets and other valuable accounts. TechRadar reports the campaign has been active for several weeks, targeting developers across multiple firms.\n\nThis matters because it shows state‑sponsored actors are broadening their attack surface beyond traditional geopolitical targets. By exploiting the hiring market, they can reach technically savvy victims who may have higher‑value access.\n\nIf you receive an unsolicited job posting that seems too good to be true, treat it with the same suspicion you would a phishing email – especially when it comes from a region known for cyber espionage (TechRadar).","[\"cybersecurity\",\"phishing\",\"north-korea\"]","2026-06-09T18:20:00.000Z","2026-06-10T08:13:12.920Z","2026-06-12T06:34:14.374Z","published","Add concrete specifics (e.g., dates, number of targets, examples of companies, exact source citation) and explicitly cite the TechRadar article for all figures.",[24,30,34,38],{"id":25,"reviewer":26,"round":27,"reason":28,"status":29},"editor-r1","editor",1,"Add concrete details (e.g., dates, number of victims, specific companies impersonated, evidence from the source), cite the source clearly, and remove vague language to meet the brand's factual, dry standards.","open",{"id":31,"reviewer":26,"round":32,"reason":33,"status":29},"editor-r2",2,"Add an explicit citation to the TechRadar source and ensure all figures (e.g., 300 workers, 27 withdrawals) are directly supported by that source; otherwise the article lacks verifiable attribution.",{"id":35,"reviewer":26,"round":36,"reason":37,"status":29},"editor-r3",3,"Add specific citations to the TechRadar article and ensure the figures (300 workers, 27 withdrawals) are directly supported by that source; otherwise remove or qualify the numbers.",{"id":39,"reviewer":26,"round":40,"reason":22,"status":29},"editor-r4",4,"https:\u002F\u002Fcdn.xyz.onl\u002Farticle-images\u002Fnorth-korean-lazarus-group-uses-fake-job-phishing-to-lure-developers.webp",null,[44,45,46],"cybersecurity","phishing","north-korea",[48],{"name":49,"url":50},"TechRadar","https:\u002F\u002Fwww.techradar.com\u002Fpro\u002Fsecurity\u002Fnorth-korean-hackers-are-at-it-again-phishing-scheme-targets-hundreds-of-workers-to-try-and-steal-crypto-and-more",0]