Krutika Adani
North Korea’s Lazarus Group created three fake firms—including two U.S.-registered LLCs—to spread malware in the crypto industry.
BlockNovas LLC (New Mexico)
SoftGlide LLC (New York)
Angeloper Agency (unregistered)
All part of a malware campaign called “Contagious Interview.”
Hackers used fake job interviews to infect developers’ systems, aiming to steal wallets and credentials and infiltrate legitimate companies.
To appear legit, they used AI-made employee profiles and domains like blocknovas[.]com—making the operation nearly indistinguishable from the real deal.
From the Axie Infinity hack ($625M) to this new scheme, Lazarus continues to weaponize trust to steal billions from the crypto world.