A few months back I saw a post circulating on LinkedIn about a developer who had been targeted by a fake recruiter. The person had been invited to a “technical assessment,” cloned a repository, and ran the code provided as part of the interview. What followed was a silent drain of every credential stored on their machine. I remember reading it and feeling a specific kind of disgust, not just at the technical sophistication of the attack, but at the deliberate choice to weaponize something as emotionally charged as a job search.
Researchers at OpenSourceMalware.com recently published an analysis of a new evolution of that exact campaign, and it is worth understanding in detail.
The Contagious Interview Campaign
The Lazarus Group, a threat actor attributed to North Korea (DPRK), has been running a campaign known as Contagious Interview for several years. The core premise is simple: impersonate a recruiter, find a developer target on LinkedIn, a job board, or a freelance platform, and get them to run code as part of a fake technical assessment.
The target trusts the process. Job seekers are used to cloning repos and running code as part of assessments. That trust is exactly what the attackers exploit.
In previous iterations of the campaign, the malware was often embedded in npm packages or delivered through fake video conferencing tools. The new twist documented by OpenSourceMalware is the use of git hooks as the delivery mechanism.
How Git Hooks Become a Loader
Git hooks are scripts that Git can execute automatically before or after certain events, such as committing, merging, or pushing. They live inside the .git/hooks/ directory of a repository, and by default that directory is not tracked by git itself. This means the hooks are not visible in a normal git log or code review, and most developers never look there.
The infection chain looks roughly like this:
- The developer is contacted by a fake recruiter and invited to complete a coding challenge.
- They clone a repository that appears legitimate.
- Hidden inside .git/hooks/ (for example in a post-merge or pre-push script) is a shell script that acts as a second-stage loader.
- The moment the developer runs a routine git command that triggers the hook, the script executes silently and fetches BeaverTail, a JavaScript-based infostealer developed by Lazarus Group.
- BeaverTail, once active, installs InvisibleFerret, a Python-based backdoor that establishes persistence and provides remote access to the attacker.
The entire chain, from git clone to persistent access, can play out without the developer ever noticing something went wrong. No suspicious binary to execute, no obvious install prompt. Just a git merge or a git pull and the machine is compromised.
Why This Attack Hits Differently
I have written before about supply chain attacks targeting open source packages and CI/CD pipelines. Those are dangerous, but they tend to be broad and opportunistic. This campaign is targeted and deliberately cynical.
Job seeking is stressful. When a recruiter from what appears to be a legitimate company reaches out with an interesting opportunity, most people want to believe it. They invest time, prepare, and do their best to impress. The attacker understands this dynamic perfectly. A candidate trying to demonstrate their skills is not going to stop and audit the .git/hooks/ folder of a repo handed to them for an assessment. That moment of trust, of genuine effort, is the attack surface.
The Contagious Interview campaign has been active since at least 2022 and has consistently targeted developers in blockchain, fintech, and defence. LinkedIn, GitHub, and freelance platforms are all used as initial contact vectors. The fake companies, the convincing recruiter profiles (sometimes built with AI-generated photos), and the multi-step interview process are all there to make the target feel they are dealing with something real before the payload ever runs.
Practical Defences
You do not need to become paranoid about every coding challenge, but a few habits go a long way.
Inspect .git/hooks/ after cloning
Before running anything from a cloned repository, check what lives in the hooks directory:
ls -la .git/hooks/
cat .git/hooks/pre-commit 2>/dev/null
cat .git/hooks/post-merge 2>/dev/null
cat .git/hooks/post-checkout 2>/dev/null
If you find shell scripts containing base64-encoded payloads, curl downloads, or anything unrelated to what the repo is supposed to do, stop and walk away.
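As an added defender-side example (not from the original post or the OpenSourceMalware research), this POSIX shell script turns the manual cat commands above into a repeatable check: it lists every non-sample hook, notes whether it is executable (Git only runs executable hooks), honours a repository-level core.hooksPath, which overrides the global one, and greps for strings common in loaders. The pattern list and the constructed demo repository are assumptions; treat a match as a reason to stop and read the file, not as proof either way.

```shell
#!/bin/sh
# audit_git_hooks: list every hook Git would run for a cloned repository and
# flag contents typical of a stager. Added example, not from the original
# research; the pattern list is an assumed heuristic, the demo repo is constructed.

# Strings worth a second look in a hook shipped with a "coding challenge".
SUSPECT_RE='base64|curl |wget |eval |node -e|python[0-9.]* -c|/dev/tcp/|nohup '

# Usage: audit_git_hooks <repo-dir>. Last line printed is the verdict; returns 1 if flagged.
audit_git_hooks() {
    repo="$1"
    hooksdir="$repo/.git/hooks"
    # A repository-level core.hooksPath overrides the global one, so read .git/config too.
    alt=$(sed -n 's/^[[:space:]]*hooksPath[[:space:]]*=[[:space:]]*//p' \
             "$repo/.git/config" 2>/dev/null | head -n 1)
    if [ -n "$alt" ]; then
        case "$alt" in /*) hooksdir="$alt" ;; *) hooksdir="$repo/$alt" ;; esac
        echo "note: repo sets core.hooksPath=$alt (overrides the global value)"
    fi
    verdict=CLEAN
    for hook in "$hooksdir"/*; do
        [ -f "$hook" ] || continue
        case "$hook" in *.sample) continue ;; esac   # Git's inert templates
        if [ -x "$hook" ]; then state=active; else state="not executable"; fi
        echo "hook: $hook ($state)"
        if grep -Eq "$SUSPECT_RE" "$hook"; then
            verdict=SUSPICIOUS
            grep -En "$SUSPECT_RE" "$hook" | sed 's/^/  match: /'
        fi
    done
    echo "$verdict"
    [ "$verdict" = CLEAN ]
}

# Constructed demo repository with an inert post-merge hook; prints its path.
make_demo_repo() {
    d=$(mktemp -d)
    mkdir -p "$d/.git/hooks"
    printf '#!/bin/sh\n# harmless: decodes and prints "echo hi"\n' > "$d/.git/hooks/post-merge"
    printf 'printf ZWNobyBoaQ== | base64 -d\n' >> "$d/.git/hooks/post-merge"
    chmod +x "$d/.git/hooks/post-merge"
    echo "$d"
}

if [ "$#" -gt 0 ]; then
    audit_git_hooks "$1"
else
    demo=$(make_demo_repo)
    audit_git_hooks "$demo" || echo "(demo repository flagged, as expected)"
    rm -rf "$demo"
fi
```

Run it as audit_git_hooks.sh path/to/clone right after cloning and before any git pull, merge or checkout in that directory.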
Disable hooks globally or redirect them
Git lets you configure a global hooks path. You can point it to an empty directory so hooks from cloned repositories never execute on your machine:
mkdir -p ~/.config/git/hooks
git config --global core.hooksPath ~/.config/git/hooks
From this point on, every repository you clone will run only the hooks you deliberately place in ~/.config/git/hooks yourself.
Use isolated environments for assessments
Any coding challenge from an unknown source should run in a disposable environment. A virtual machine, a container, or a cloud sandbox are all valid options. On macOS, the sandbox-exec command or Apple’s new container tooling can provide quick isolation. The key principle: if the machine gets compromised, you delete it and move on.
# Ephemeral container for running assessment code: no network, repo bind-mounted in
docker run --rm -it --network none -v "$PWD/assessment:/work" -w /work ubuntu:24.04 bash
The --network none flag ensures the container has no outbound connectivity, which prevents any callback or payload download even if a hook executes. Because nothing inside can reach the network, clone the repository on the host first (with hooks disabled as described above) and bind-mount it into the container with the -v option; --rm discards the container, and anything written to it, on exit.
Verify the recruiter and the company independently
Before cloning anything, spend five minutes on the company. Check if their domain is recent (WHOIS lookup), whether their LinkedIn presence has real employees with history, and whether the job posting appears on the official company website. A pattern common in this campaign is recruiting via a professional-looking LinkedIn profile for a company that was registered a few weeks prior.
Run dependency installs with audit flags
If the assessment includes npm install or pip install, run them with additional scrutiny:
npm install --ignore-scripts
pip install --no-deps <package>
The --ignore-scripts flag in npm prevents postinstall scripts from running, which is another common delivery vector in supply chain attacks. For Python, installing without automatic dependency resolution reduces the blast radius.
Conclusion and Further Reading
The git hook technique is a clever evolution of an already effective campaign. It exploits a part of the developer workflow that is generally invisible and trusted, and it targets people at a moment when their guard is naturally lower: trying to land a new job.
The defences are not complicated. Checking hooks before running code, using isolated environments for assessments, and spending a few minutes verifying the legitimacy of a recruiter are all habits that cost little time and significantly raise the bar for an attacker. None of this requires expensive tooling or a security team. It requires awareness.
If you want to go deeper, start with OpenSourceMalware.com, the source of the original research. The site tracks malicious packages across open source ecosystems and their threat intelligence feed is genuinely useful if supply chain security is part of your day job.
The same team runs The OpenSourceMalware Show, available on all major podcast platforms. They cover state-actor campaigns, ransomware abuse of open source, and practical defences. Short episodes, high signal-to-noise ratio.
For a structured breakdown of the Contagious Interview group’s tactics and techniques, the MITRE ATT&CK entry for G1052 is worth bookmarking. It is a solid reference to keep open when reviewing a suspicious incident or writing detection rules.
If you work in development, share this with your team. The campaign is active and ongoing. The next fake recruiter might already be in someone’s inbox.