A threat group linked to North Korea, known as CL-STA-0240, is targeting job seekers in the tech industry with a campaign called "Contagious Interview." In this campaign, hackers pretend to be recruiters on job search platforms and invite victims to interviews. During the interviews, the victims are tricked into downloading malware disguised as a coding assignment. The malware, called BeaverTail, works as a downloader and information stealer on both Windows and macOS systems. This leads to the installation of the Python-based InvisibleFerret backdoor. Despite being publicly disclosed, the campaign remains active, largely due to its success in exploiting trust and urgency in job search situations. Recent versions of BeaverTail, written in the Qt framework, enable it to target multiple platforms and steal data, including browser credentials and cryptocurrency wallets.