Targeting developers using fake interviews to deliver a Python-based RAT(securonix.com)
securonix.com
Targeting developers using fake interviews to deliver a Python-based RAT
https://www.securonix.com/blog/analysis-of-devpopper-new-attack-campaign-targeting-software-developers-likely-associated-with-north-korean-threat-actors/
Seems like a pointless method to "hide" the code but I've fallen for this myself looking through some files in a compromised WordPress installation and missed these "off the screen" bits initially.