Search
Insights / Crime

Temp.Hermit: North Korean Malware Spread Through Fake Jobs

A North Korean cyber espionage group is using phishing campaigns to target employees in the US aerospace and energy sectors. North Korean APT groups have been active for many years and continue to pose a threat to global cybersecurity. Temp.Hermit (aka UNC2970) is thought to be connected to the Lazarus Group and has been active since 2022 performing phishing activities aimed at employees working in the US technology sector.

However, in 2024, they are seen posing as recruiters from well-known companies in the aerospace and energy sectors and sending out job postings laced with malware. The latest wave of attacks includes realistic profiles based on real people and real companies and improved malware.

Key Judgment 1.  North Korea is highly likely to continue espionage operations with the purpose of stealing sensitive information and gathering intelligence on US critical infrastructure.

Key Judgment 2. The scope of Temp.Hermit targets will likely expand to other sectors of US critical infrastructure and defence. 

Key Judgment 3. The sophistication of the Temp.Hermit techniques will likely continue to evolve and become harder to detect. 

Rest of this post is for paying members only

Already have an account?  Log in

Secret Plan
£14.99
/ month
  • Access to all free content
  • Access to weekly newsletter
  • Access to exclusive reports
Recommended
Top Secret Plan
£39.99
/ month
  • All as in Secret Plan plus:
  • Access to video analysis
  • First access to training program
Secret Plan
£14.99
/ month
  • Access to all free content
  • Access to weekly newsletter
  • Access to exclusive reports
Recommended
Top Secret Plan
£39.99
/ month
  • All as in Secret Plan plus:
  • Access to video analysis
  • First access to training program
Already a member? Log in here
In this article
North KoreaAPT 44Critical InfrastructureCyber espionageCybercrime

Allen P.

Table of Contents
In this article

Related Content

Secret
Crime, Non State Actors

Tokuryū Gangs: Modern Criminals Require Modern Policing

TYPE:_ Intelligence Report
Location:_ Far East
Tags:_ Japan, Crime, Gangs, Organised Crime, Violent Crime, Yakuza
Secret
Defence, Crime

US Ops Against Mexican Cartels: Preparing for Lethal Strikes? 

TYPE:_ Intelligence Report
Location:_ North America
Tags:_ MEXICO, CIA, CJNG, DEA, DIA, JSOC, MQ-9, USA, USAF, USIC
Secret
Geopolitics, Crime

Bangladesh: Facing Foreign Influence Ops, Smuggling, 2026 Election

TYPE:_ Intelligence Report
Location:_ Indian Subcontinent
Tags:_ Bangladesh, Foreign Influence, India, Pakistan, smuggling

Stay in the loop

Get a free weekly email that makes reading
intel articles and reports actually enjoyable.

About
School
The Brief
Services
© 2025 All rights reserved.
Table of Contents

Log in

Stay in the loop

Join thousands of people receiving monthly reports on history alternating events that affect their business, investments and personal life.

Contact

Contact

"*" indicates required fields

Consent
This field is for validation purposes and should be left unchanged.
Log in
Sign up