North Korean cybercriminals have ramped up a long-running campaign targeting IT workers with the deployment of an array of new malware, in what security researchers described as a responsive operation  that forces them to play “whack-a-mole” to stop efforts to steal cryptocurrency and sensitive information.

According to a recent report from U.S. cybersecurity firm Socket, these malicious node package manager (npm) packages and advanced malware loaders, uploaded to the popular JavaScript package manager, target software engineers by compromising their systems through seemingly legitimate job recruitment offers.