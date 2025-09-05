Threat Intelligence
Threat intel platforms harnessed in Contagious Interview-linked campaign
Infosecurity Magazine reports that North Korean threat actors have leveraged Validin's threat intelligence platform to facilitate attacks as part of the Contagious Interview campaign. Multiple attempts to infiltrate the infrastructure intelligence portal of Validin have been conducted by North Korean hackers from March to June, with various accounts registered hours following a post detailing activity tied to the Lazarus hacking collective, findings from SentinelOne SentinelLabs and Validin researchers showed. Despite Validin's immediate efforts to hinder the malicious Gmail accounts, attackers persisted in their registration and login attempts, with the platform eventually used to determine not only detection indicators but also potential new infrastructure. However, attackers were also found to have inadvertently leaked log files and directory structures on the platform. "Given the continuous success of their campaigns in engaging targets, it may be more pragmatic and efficient for the threat actors to deploy new infrastructure rather than maintain existing assets," said researchers.
