North Korean Hackers Target Job Seekers With ClickFix Attacks
KnowBe4, September 18,2025
North Korean hackers behind the 'Contagious Interview' campaign are using the ClickFix social engineering tactic to target job seekers with phony employment offers, according to researchers at SentinelOne.
'ClickFix typically proceeds as follows,' the researchers explain. 'A targeted job seeker receives an invitation to participate in a job application process, directing them to a lure website where they are prompted to complete a skill assessment.
'During the assessment, the applicant encounters a fabricated error message, such as a camera access issue. They are then instructed to copy and paste command lines, often involving utilities like curl, to download and execute a supposed update from a separate malware distribution server, unknowingly deploying malware in the process.'