The North Korean threat groups responsible for the persistent Contagious Interview initiative are extending their reach within the npm ecosystem by releasing additional harmful packages that distribute the BeaverTail malware, alongside a fresh remote access trojan (RAT) loader.
“These new specimens utilize hexadecimal string encoding to bypass automated detection mechanisms and manual code evaluations, indicating a variation.