North Korean hackers are using a new type of malware called PylangGhost to conduct recruitment scams targeting encryption professionals.

Gate News bot reported that North Korean hackers are luring Crypto Assets professionals into carefully designed fake job interviews, aimed at stealing their data and deploying sophisticated malware on their devices.

Threat intelligence research company Cisco Talos reported on Wednesday that a new Python-based remote access Trojan named "PylangGhost" links malware to a North Korean-affiliated hacker group known as "Famous Chollima" (also referred to as "Wagemole").

The company wrote: "According to the job advertisement, it is clear that the target customers of Famous Chollima are individuals with experience in Crypto Assets and blockchain technology."

The event primarily targets cryptocurrency and blockchain professionals in India, using fraudulent job websites that impersonate legitimate companies like Robinhood and Uniswap.

The scheme first directs job seekers to a skills testing website by fake recruiters, where victims input personal information and answer technical questions.

After completing the assessment, candidates will be asked to enable camera access for a video interview, and then prompted to copy and execute a malicious command disguised as a video driver installation.

Dileep Kumar H V, Director of Digital South Trust, stated that to combat these scams, "India must mandate blockchain companies to conduct cybersecurity audits and monitor fake job portal websites."