North Korean cybercriminals are increasingly targeting software engineers seeking employment through a new phishing campaign dubbed UNK_DeadDrop, according to cybersecurity firm Proofpoint. The campaign involves hackers posing as recruiters from legitimate companies, contacting potential victims via email with fabricated job opportunities. These emails instruct applicants to complete a technical task as part of the application process, leading them to click on a malicious link. This link delivers malware, compromising the user’s system. The attacks demonstrate a growing sophistication in North Korean cyber tactics, moving beyond traditional targets to exploit career aspirations. Proofpoint’s research highlights the evolving threat landscape and the need for heightened vigilance among job seekers. The campaign underscores the importance of verifying the authenticity of job offers and exercising caution when clicking on links in unsolicited emails.