The North Korea-linked threat operation known as Contagious Interview has scaled far beyond its npm origins. Researchers at Socket and Google’s Mandiant now track over 1,700 malicious packages published across npm, PyPI, Go Modules, crates.io, and Packagist — making this one of the most extensive cross-ecosystem supply chain campaigns ever documented.
What Happened
Contagious Interview, active since at least December 2022, started as a social engineering campaign targeting developers through fake job interviews. The operation has since evolved into a full-blown supply chain poisoning effort. The threat actors — tracked as UNC1069 by Mandiant and overlapping with BlueNoroff, Sapphire Sleet, and Stardust Chollima — have been publishing packages that impersonate legitimate developer tooling across every major package registry.
The malicious packages masquerade as common utilities: debug helpers, logging libraries, HTTP clients, and license checkers. Names like debug-logfmt, pino-debug, baraka, libprettylogger, and openlss/func-log are designed to blend into dependency trees without raising suspicion.
Between February 6 and April 7, 2026, the Security Alliance (SEAL) blocked 164 UNC1069-linked domains impersonating Microsoft Teams and Zoom — part of the social engineering pipeline that delivers these packages to targets.
Technical Details
The attack chain has two prongs:
Registry Poisoning: Malicious packages across all five ecosystems act as loaders, fetching staged payloads from attacker-controlled infrastructure. The primary malware families are:
- BeaverTail — JavaScript-based malware hidden inside npm packages. Cross-platform (Windows, Linux, macOS). Functions as an initial loader and infostealer, targeting browser credentials, cryptocurrency wallets, and SSH keys.
- InvisibleFerret — Python-based backdoor deployed as a second stage. Provides persistent remote access, keylogging, and exfiltration capabilities.
Social Engineering: UNC1069 runs multi-week, low-pressure campaigns on Telegram, LinkedIn, and Slack. They impersonate recruiters, known contacts, and trusted brands. The end game is getting targets to click fraudulent Zoom or Teams meeting links that deliver ClickFix-style lures, which execute malware on the victim’s machine.
The Go and Rust packages represent a significant expansion. Previously, Contagious Interview was primarily an npm and PyPI problem. Poisoning Go Modules and crates.io puts backend infrastructure and systems-level code at risk — these ecosystems are heavily used in cloud-native tooling, Kubernetes operators, and embedded systems.
Who’s Affected
Anyone pulling dependencies from npm, PyPI, Go Modules, crates.io, or Packagist. The campaign specifically targets:
- Developers at enterprise software companies
- Media and communications firms
- Cryptocurrency and DeFi projects
- Anyone responding to unsolicited technical recruitment outreach
The scale is staggering: Socket identified at least 338 malicious npm packages alone, with more than 50,000 combined downloads, and that is just one registry.
What to Do Right Now
Audit your dependencies immediately. Run npm audit, pip-audit, or the equivalent tooling for your ecosystem against your lockfiles. Keep in mind that these tools only flag packages already present in an advisory database, so also read the lockfile yourself: look for packages you don't recognize, especially small utility packages added recently, and for packages that run install scripts or resolve from somewhere other than the public registry.
Pin and verify. Use lockfiles religiously and commit them. For npm, run npm audit signatures to verify registry signatures and provenance attestations. For Go, leave GOSUMDB enabled so new modules are checked against the Go checksum database, and run go mod verify to confirm the module cache still matches go.sum. For Rust, review cargo audit output against the RustSec advisory database.
Watch for social engineering. If anyone sends you a “technical assessment” package to install, or a meeting link from an unfamiliar Zoom/Teams domain, treat it as hostile. SEAL maintains a blocklist of known UNC1069 domains.
Check for BeaverTail/InvisibleFerret IOCs. Look for unexpected outbound connections from development machines, particularly to recently registered domains. Monitor for unusual browser credential access patterns and SSH key exfiltration.
Enable package registry security features. npm's provenance attestations, PyPI's Trusted Publishers, and the Go checksum database (a transparency log of module hashes) all provide supply chain verification. If you're not using them, start now.
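The lockfile review described in the steps above can be scripted. The Python below is an added example, not code from the article or from Socket, Mandiant or SEAL: it parses an npm lockfile (lockfileVersion 2/3, which lists every installed package under "packages") and flags entries whose name appears on a watchlist, entries that run install scripts (the hasInstallScript field npm writes for pre/post-install hooks, the point at which a loader package executes), and entries resolved from outside the public registry or lacking an integrity hash. The watchlist is seeded with the five names quoted earlier in the article; the lockfile, the package versions, the hostname cdn.example.invalid and the trusted-registry setting are all constructed for the example.

```python
"""Offline npm lockfile triage for the dependency-audit step.

Added example, not tooling from the article or the vendors it cites.
Assumptions: lockfileVersion 2 or 3 layout; only registry.npmjs.org is a
trusted tarball source; the sample lockfile below is constructed.
"""
import json
from urllib.parse import urlparse

# Package names the article quotes. A production watchlist would come from
# a feed (Socket, SEAL, etc.); these five are only the article's sample.
WATCHLIST = {
    "debug-logfmt", "pino-debug", "baraka", "libprettylogger", "openlss/func-log",
}

# Assumption for the example: tarballs must come from the public registry.
REGISTRY_HOST = "registry.npmjs.org"

# Constructed lockfile. The integrity strings are placeholders, not real hashes.
SAMPLE_LOCK = json.loads(r"""
{
  "name": "example-app",
  "lockfileVersion": 3,
  "packages": {
    "": {"name": "example-app"},
    "node_modules/express": {
      "version": "4.19.2",
      "resolved": "https://registry.npmjs.org/express/-/express-4.19.2.tgz",
      "integrity": "sha512-PLACEHOLDERxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=="
    },
    "node_modules/debug-logfmt": {
      "version": "1.0.3",
      "resolved": "https://registry.npmjs.org/debug-logfmt/-/debug-logfmt-1.0.3.tgz",
      "integrity": "sha512-PLACEHOLDERyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy==",
      "hasInstallScript": true
    },
    "node_modules/tiny-helper": {
      "version": "0.0.1",
      "resolved": "https://cdn.example.invalid/tiny-helper-0.0.1.tgz"
    }
  }
}
""")


def package_name(path):
    """Map a lockfile path to the package it installs.

    'node_modules/@scope/pkg' -> '@scope/pkg'
    'node_modules/a/node_modules/b' -> 'b' (nested dependency)
    """
    return path.rpartition("node_modules/")[2]


def audit_lockfile(lock, watchlist=WATCHLIST, registry_host=REGISTRY_HOST):
    """Return one finding per suspicious package: {name, version, reasons}."""
    findings = []
    for path, meta in lock.get("packages", {}).items():
        if path == "" or meta.get("link"):
            continue  # root project entry, or a workspace symlink
        name = package_name(path)
        reasons = []
        # The article prints scoped names without the leading '@', so match both.
        if name in watchlist or name.lstrip("@") in watchlist:
            reasons.append("name on watchlist")
        if meta.get("hasInstallScript"):
            reasons.append("runs install script")
        resolved = meta.get("resolved")
        if resolved:
            host = urlparse(resolved).hostname or resolved
            if host != registry_host:
                reasons.append(f"resolved from {host}")
        else:
            reasons.append("no resolved URL")
        if not meta.get("integrity"):
            reasons.append("no integrity hash")
        if reasons:
            findings.append({"name": name, "version": meta.get("version"), "reasons": reasons})
    return findings


def main():
    for finding in audit_lockfile(SAMPLE_LOCK):
        print(f"{finding['name']}@{finding['version']}: {', '.join(finding['reasons'])}")


if __name__ == "__main__":
    main()
```

Run against a real project by replacing SAMPLE_LOCK with json.load(open("package-lock.json")). An install script or a non-registry tarball is not proof of compromise, but either one on a small, recently added utility package is exactly the profile this campaign uses and warrants reading the package source before the next install.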
The Bigger Picture
This campaign is the logical evolution of North Korea’s revenue generation strategy. The Lazarus Group ecosystem has shifted from targeting exchanges directly to poisoning the tools developers use every day. With 1,700 packages across five ecosystems, they’re playing a numbers game — and the odds favor the attacker when most organizations still don’t audit their transitive dependencies.
The fact that this has expanded to Go and Rust is particularly concerning for infrastructure teams. These are the languages powering Kubernetes controllers, service meshes, and cloud provider tooling. A single compromised dependency in a widely used operator could cascade across thousands of clusters.