Lazarus Group has been observed continuing its VMConnect campaign by targeting developers with new malicious software packages on open source repositories, according to ReversingLabs. The researchers said that the North Korean group posed as employees of major financial services firm Capital One, using fake job interviews to lure developers into downloading the malware.

Source: Infosecurity