PurpleBravo’s Targeting of the IT Software Supply Chain
2026-01-21 • Recorded Future •
https://www.recordedfuture.com/research/purplebravos-targeting-it-software-supply-chain
Attachments
cta-nk-2026-0121.pdf (4 MB)
Recorded Future’s Insikt Group links PurpleBravo to North Korea’s Contagious Interview activity targeting software developers, especially in software development and cryptocurrency-related roles. The campaign uses fraudulent LinkedIn personas, fake recruiter outreach, malicious GitHub repositories, interview tasks, and ClickFix-style prompts to deliver BeaverTail, PyLangGhost, and GolangGhost. Network intelligence tied 3,136 IP addresses and twenty potential victim organizations across AI, cryptocurrency, financial services, IT services, marketing, and software development to likely PurpleBravo targeting from August 2024 to September 2025. The activity creates software supply-chain risk because candidates may run malicious code on corporate devices, exposing employers and downstream customers, and the report also documents overlaps between PurpleBravo infrastructure and PurpleDelta North Korean IT worker activity.
Indicators of Compromise
| Type | Value | First Seen | Last Seen |
|---|---|---|---|
| IPv4 | 51.195.140.214 | 2025-01-26 | 2026-04-17 |
| DOMAIN | outlook.com | 2018-09-06 | 2026-04-17 |
| IPv4 | 38.32.68.195 | 2025-02-25 | 2026-04-12 |
| IPv4 | 216.126.229.166 | 2025-11-13 | 2026-04-02 |
| IPv4 | 45.59.163.23 | 2026-01-21 | 2026-04-01 |
| IPv4 | 89.187.161.180 | 2026-01-21 | 2026-03-17 |
| IPv4 | 66.150.196.58 | 2026-01-21 | 2026-03-17 |
| IPv4 | 192.161.60.132 | 2026-01-21 | 2026-03-17 |
| IPv4 | 142.214.202.2 | 2026-01-21 | 2026-03-17 |
| IPv4 | 155.94.199.59 | 2026-01-21 | 2026-03-17 |
| IPv4 | 167.88.61.117 | 2026-01-21 | 2026-03-15 |
| IPv4 | 67.43.49.10 | 2026-01-21 | 2026-02-28 |
| IPv4 | 147.124.213.19 | 2026-01-21 | 2026-02-26 |
| IPv4 | 67.203.7.205 | 2026-01-21 | 2026-02-26 |
| IPv4 | 172.86.73.198 | 2026-01-21 | 2026-02-26 |
| IPv4 | 38.92.47.152 | 2026-01-21 | 2026-02-26 |
| IPv4 | 66.235.175.117 | 2026-01-21 | 2026-02-26 |
| IPv4 | 147.124.213.232 | 2026-01-12 | 2026-02-26 |
| IPv4 | 66.235.175.109 | 2025-11-13 | 2026-02-26 |
| IPv4 | 23.160.56.155 | 2026-01-21 | 2026-02-22 |
| IPv4 | 64.32.17.130 | 2026-01-21 | 2026-02-22 |
| IPv4 | 216.227.145.218 | 2026-01-21 | 2026-02-22 |
| IPv4 | 103.125.234.210 | 2026-01-21 | 2026-02-22 |
| IPv4 | 77.247.126.189 | 2025-02-25 | 2026-02-22 |
| IPv4 | 66.235.168.238 | 2026-01-12 | 2026-02-15 |
| IPv4 | 147.124.212.125 | 2026-01-12 | 2026-02-03 |
| IPv4 | 146.70.253.107 | 2025-10-10 | 2026-02-03 |
| IPv4 | 147.124.214.129 | 2024-05-10 | 2026-02-03 |
| HASH | 1ddb90ee672c86e09168792871f6d6d… | 2026-01-21 | 2026-01-21 |
| DOMAIN | lunaproxy.com | 2026-01-21 | 2026-01-21 |
| DOMAIN | sms-activate.io | 2026-01-21 | 2026-01-21 |
| DOMAIN | residentialvps.com | 2026-01-21 | 2026-01-21 |
| DOMAIN | proxy-seller.com | 2026-01-21 | 2026-01-21 |
| DOMAIN | powervps.net | 2026-01-21 | 2026-01-21 |
| IPv4 | 74.222.14.74 | 2026-01-21 | 2026-01-21 |
| IPv4 | 103.125.234.62 | 2026-01-21 | 2026-01-21 |
| IPv4 | 63.143.61.57 | 2026-01-21 | 2026-01-21 |
| IPv4 | 211.72.116.247 | 2026-01-21 | 2026-01-21 |
| IPv4 | 162.251.70.66 | 2026-01-21 | 2026-01-21 |
| IPv4 | 103.111.113.26 | 2026-01-21 | 2026-01-21 |
| IPv4 | 103.16.228.16 | 2026-01-21 | 2026-01-21 |
| IPv4 | 23.237.102.130 | 2026-01-21 | 2026-01-21 |
| IPv4 | 144.172.104.113 | 2026-01-21 | 2026-01-21 |
| IPv4 | 107.167.165.11 | 2026-01-21 | 2026-01-21 |
| IPv4 | 165.140.86.154 | 2026-01-21 | 2026-01-21 |
| IPv4 | 176.222.52.77 | 2026-01-21 | 2026-01-21 |
| IPv4 | 208.98.44.2 | 2026-01-21 | 2026-01-21 |
| IPv4 | 45.126.210.144 | 2026-01-21 | 2026-01-21 |
| IPv4 | 144.172.106.133 | 2026-01-21 | 2026-01-21 |
| IPv4 | 84.17.38.140 | 2026-01-21 | 2026-01-21 |
| IPv4 | 162.251.62.70 | 2026-01-21 | 2026-01-21 |
| IPv4 | 169.38.75.87 | 2026-01-21 | 2026-01-21 |
| IPv4 | 178.175.128.98 | 2026-01-21 | 2026-01-21 |
| IPv4 | 125.227.75.208 | 2026-01-21 | 2026-01-21 |
| IPv4 | 95.216.14.148 | 2026-01-21 | 2026-01-21 |
| IPv4 | 38.92.47.118 | 2026-01-21 | 2026-01-21 |
| IPv4 | 178.159.7.34 | 2026-01-21 | 2026-01-21 |
| IPv4 | 91.207.174.99 | 2026-01-21 | 2026-01-21 |
| IPv4 | 104.223.87.12 | 2026-01-21 | 2026-01-21 |
| IPv4 | 165.140.85.105 | 2026-01-21 | 2026-01-21 |
| IPv4 | 205.234.203.122 | 2026-01-21 | 2026-01-21 |
| IPv4 | 198.2.228.23 | 2026-01-21 | 2026-01-21 |
| IPv4 | 165.140.86.160 | 2026-01-21 | 2026-01-21 |
| IPv4 | 103.214.44.138 | 2026-01-21 | 2026-01-21 |
| IPv4 | 63.176.219.134 | 2026-01-21 | 2026-01-21 |
| IPv4 | 103.50.33.16 | 2026-01-21 | 2026-01-21 |
| IPv4 | 158.62.198.177 | 2026-01-21 | 2026-01-21 |
| IPv4 | 43.230.201.68 | 2026-01-21 | 2026-01-21 |
| IPv4 | 84.17.41.94 | 2026-01-21 | 2026-01-21 |
| IPv4 | 167.160.181.2 | 2026-01-21 | 2026-01-21 |
| IPv4 | 206.206.127.80 | 2026-01-21 | 2026-01-21 |
| IPv4 | 14.37.47.13 | 2026-01-21 | 2026-01-21 |
| IPv4 | 144.172.102.148 | 2026-01-21 | 2026-01-21 |
| IPv4 | 144.172.105.189 | 2026-01-21 | 2026-01-21 |
| IPv4 | 23.104.209.6 | 2026-01-21 | 2026-01-21 |
| IPv4 | 216.45.56.2 | 2026-01-21 | 2026-01-21 |
| IPv4 | 67.43.54.10 | 2026-01-21 | 2026-01-21 |
| IPv4 | 217.138.212.194 | 2026-01-21 | 2026-01-21 |
| IPv4 | 38.92.47.155 | 2026-01-21 | 2026-01-21 |
| IPv4 | 199.168.112.175 | 2026-01-21 | 2026-01-21 |
| IPv4 | 108.181.41.234 | 2026-01-21 | 2026-01-21 |
| IPv4 | 118.107.244.171 | 2026-01-21 | 2026-01-21 |
| IPv4 | 165.140.86.181 | 2026-01-21 | 2026-01-21 |
| IPv4 | 43.230.201.57 | 2026-01-21 | 2026-01-21 |
| IPv4 | 173.211.70.246 | 2026-01-21 | 2026-01-21 |
| IPv4 | 211.75.74.223 | 2026-01-21 | 2026-01-21 |
| IPv4 | 91.221.66.87 | 2026-01-21 | 2026-01-21 |
| IPv4 | 144.172.100.124 | 2026-01-21 | 2026-01-21 |
| IPv4 | 61.221.116.109 | 2026-01-21 | 2026-01-21 |
| IPv4 | 61.221.116.28 | 2026-01-21 | 2026-01-21 |
| IPv4 | 107.167.244.42 | 2026-01-21 | 2026-01-21 |
| IPv4 | 185.135.76.89 | 2026-01-21 | 2026-01-21 |
| IPv4 | 158.255.76.195 | 2026-01-21 | 2026-01-21 |
| IPv4 | 5.42.206.34 | 2026-01-21 | 2026-01-21 |
| IPv4 | 61.221.116.19 | 2026-01-21 | 2026-01-21 |
| IPv4 | 211.21.6.181 | 2026-01-21 | 2026-01-21 |
| IPv4 | 211.72.35.109 | 2026-01-21 | 2026-01-21 |
| IPv4 | 104.168.14.206 | 2026-01-21 | 2026-01-21 |
| IPv4 | 185.135.76.115 | 2026-01-21 | 2026-01-21 |
| IPv4 | 60.234.42.250 | 2026-01-21 | 2026-01-21 |
| IPv4 | 94.46.23.20 | 2026-01-21 | 2026-01-21 |
| IPv4 | 60.249.92.67 | 2026-01-21 | 2026-01-21 |
| IPv4 | 185.183.104.67 | 2026-01-21 | 2026-01-21 |
| IPv4 | 173.254.200.134 | 2026-01-21 | 2026-01-21 |
| IPv4 | 38.75.137.97 | 2026-01-21 | 2026-01-21 |
| IPv4 | 107.167.25.130 | 2026-01-21 | 2026-01-21 |
| IPv4 | 103.125.234.161 | 2026-01-21 | 2026-01-21 |
| IPv4 | 45.145.68.10 | 2026-01-21 | 2026-01-21 |
| IPv4 | 212.129.10.242 | 2026-01-21 | 2026-01-21 |
| IPv4 | 169.38.98.22 | 2026-01-21 | 2026-01-21 |
| IPv4 | 95.143.193.150 | 2026-01-21 | 2026-01-21 |
| IPv4 | 80.90.48.191 | 2026-01-21 | 2026-01-21 |
| IPv4 | 91.207.206.10 | 2026-01-21 | 2026-01-21 |
| IPv4 | 172.86.123.55 | 2026-01-21 | 2026-01-21 |
| IPv4 | 107.150.38.250 | 2026-01-21 | 2026-01-21 |
| IPv4 | 103.172.26.58 | 2026-01-21 | 2026-01-21 |
| IPv4 | 45.250.255.140 | 2026-01-21 | 2026-01-21 |
| IPv4 | 173.232.230.137 | 2026-01-21 | 2026-01-21 |
| IPv4 | 125.227.90.115 | 2026-01-21 | 2026-01-21 |
| IPv4 | 45.250.255.59 | 2026-01-21 | 2026-01-21 |
| IPv4 | 166.0.190.170 | 2026-01-21 | 2026-01-21 |
| IPv4 | 82.223.120.180 | 2026-01-21 | 2026-01-21 |
| IPv4 | 45.61.160.28 | 2026-01-21 | 2026-01-21 |
| IPv4 | 202.87.221.237 | 2026-01-21 | 2026-01-21 |
| IPv4 | 144.172.109.155 | 2026-01-21 | 2026-01-21 |
| IPv4 | 144.172.102.21 | 2026-01-21 | 2026-01-21 |
| IPv4 | 85.195.119.90 | 2026-01-21 | 2026-01-21 |
| IPv4 | 204.44.96.131 | 2026-01-21 | 2026-01-21 |
| IPv4 | 23.228.120.12 | 2026-01-21 | 2026-01-21 |
| IPv4 | 50.118.211.10 | 2026-01-21 | 2026-01-21 |
| IPv4 | 66.235.168.17 | 2026-01-21 | 2026-01-21 |
| IPv4 | 38.246.149.2 | 2026-01-21 | 2026-01-21 |
| IPv4 | 45.61.135.4 | 2026-01-21 | 2026-01-21 |
| IPv4 | 103.157.217.145 | 2026-01-21 | 2026-01-21 |
| IPv4 | 50.7.251.66 | 2026-01-21 | 2026-01-21 |
| IPv4 | 61.218.138.181 | 2026-01-21 | 2026-01-21 |
| IPv4 | 67.203.7.200 | 2026-01-21 | 2026-01-21 |
| IPv4 | 31.7.63.94 | 2026-01-21 | 2026-01-21 |
| IPv4 | 172.86.109.49 | 2026-01-21 | 2026-01-21 |
| IPv4 | 211.72.35.118 | 2026-01-21 | 2026-01-21 |
| IPv4 | 67.43.48.10 | 2026-01-21 | 2026-01-21 |
| IPv4 | 38.75.136.211 | 2026-01-21 | 2026-01-21 |
| IPv4 | 107.172.97.67 | 2026-01-21 | 2026-01-21 |
| IPv4 | 172.86.113.115 | 2026-01-21 | 2026-01-21 |
| IPv4 | 37.120.154.98 | 2026-01-21 | 2026-01-21 |
| IPv4 | 206.206.127.135 | 2026-01-21 | 2026-01-21 |
| IPv4 | 61.219.114.7 | 2026-01-21 | 2026-01-21 |
| IPv4 | 185.65.205.130 | 2026-01-21 | 2026-01-21 |
| IPv4 | 89.163.154.155 | 2026-01-21 | 2026-01-21 |
| IPv4 | 104.250.131.79 | 2026-01-21 | 2026-01-21 |
| IPv4 | 82.103.129.80 | 2026-01-21 | 2026-01-21 |
| IPv4 | 172.86.116.90 | 2026-01-21 | 2026-01-21 |
| IPv4 | 204.152.202.111 | 2026-01-21 | 2026-01-21 |
| IPv4 | 31.57.243.55 | 2026-01-21 | 2026-01-21 |
| IPv4 | 23.237.33.110 | 2026-01-21 | 2026-01-21 |
| IPv4 | 211.22.147.226 | 2026-01-21 | 2026-01-21 |
| IPv4 | 170.178.177.178 | 2026-01-21 | 2026-01-21 |
| IPv4 | 193.19.205.26 | 2026-01-21 | 2026-01-21 |
| IPv4 | 135.181.7.162 | 2026-01-21 | 2026-01-21 |
| IPv4 | 211.22.184.184 | 2026-01-21 | 2026-01-21 |
| IPv4 | 125.227.80.190 | 2026-01-21 | 2026-01-21 |
| IPv4 | 103.6.219.221 | 2026-01-21 | 2026-01-21 |
| IPv4 | 103.125.234.107 | 2026-01-21 | 2026-01-21 |
| IPv4 | 61.218.132.193 | 2026-01-21 | 2026-01-21 |
| IPv4 | 104.223.63.2 | 2026-01-21 | 2026-01-21 |
| IPv4 | 50.7.159.34 | 2026-01-21 | 2026-01-21 |
| IPv4 | 37.120.151.162 | 2026-01-21 | 2026-01-21 |
| IPv4 | 50.2.184.50 | 2026-01-21 | 2026-01-21 |
| IPv4 | 185.245.80.217 | 2026-01-21 | 2026-01-21 |
| IPv4 | 211.21.6.136 | 2026-01-21 | 2026-01-21 |
| IPv4 | 125.227.82.145 | 2026-01-21 | 2026-01-21 |
| IPv4 | 85.195.72.66 | 2026-01-21 | 2026-01-21 |
| IPv4 | 211.75.42.136 | 2026-01-21 | 2026-01-21 |
| IPv4 | 45.61.150.30 | 2025-11-13 | 2026-01-21 |
| IPv4 | 165.140.86.227 | 2025-11-13 | 2026-01-21 |
| IPv4 | 38.92.47.91 | 2025-11-13 | 2026-01-21 |
| IPv4 | 38.92.47.151 | 2025-11-13 | 2026-01-21 |
| IPv4 | 38.92.47.85 | 2025-11-13 | 2026-01-21 |
| IPv4 | 66.235.168.232 | 2025-11-13 | 2026-01-21 |
| IPv4 | 45.43.11.201 | 2025-11-13 | 2026-01-21 |
| IPv4 | 144.172.95.226 | 2025-11-13 | 2026-01-21 |
| IPv4 | 144.172.103.97 | 2025-11-13 | 2026-01-21 |
| IPv4 | 45.61.133.110 | 2025-11-13 | 2026-01-21 |
| IPv4 | 144.172.100.142 | 2025-11-13 | 2026-01-21 |
| IPv4 | 147.124.197.138 | 2025-11-13 | 2026-01-21 |
| IPv4 | 88.218.0.78 | 2025-10-20 | 2026-01-21 |
| IPv4 | 23.227.202.244 | 2025-10-10 | 2026-01-21 |
| IPv4 | 38.146.28.177 | 2025-08-28 | 2026-01-21 |
| IPv4 | 144.172.112.106 | 2025-08-12 | 2026-01-21 |
| IPv4 | 151.243.101.229 | 2025-08-06 | 2026-01-21 |
| IPv4 | 144.172.105.235 | 2025-07-31 | 2026-01-21 |
| IPv4 | 144.172.106.7 | 2025-07-31 | 2026-01-21 |
| IPv4 | 144.172.109.98 | 2025-07-31 | 2026-01-21 |
| IPv4 | 45.61.165.45 | 2025-07-31 | 2026-01-21 |
| IPv4 | 45.61.128.61 | 2025-07-31 | 2026-01-21 |
| IPv4 | 107.189.24.80 | 2025-07-30 | 2026-01-21 |
| IPv4 | 212.81.47.217 | 2025-06-18 | 2026-01-21 |
| IPv4 | 31.57.243.29 | 2025-06-18 | 2026-01-21 |
| IPv4 | 154.58.204.15 | 2025-06-18 | 2026-01-21 |
| IPv4 | 31.57.243.190 | 2025-06-18 | 2026-01-21 |
| IPv4 | 199.168.113.31 | 2025-05-30 | 2026-01-21 |
| IPv4 | 195.146.5.31 | 2025-05-30 | 2026-01-21 |
| IPv4 | 89.187.185.11 | 2025-05-30 | 2026-01-21 |
| IPv4 | 167.88.61.148 | 2025-05-30 | 2026-01-21 |
| IPv4 | 89.187.161.220 | 2025-05-30 | 2026-01-21 |
| IPv4 | 129.232.193.253 | 2025-05-30 | 2026-01-21 |
| IPv4 | 37.120.210.2 | 2025-05-12 | 2026-01-21 |
| IPv4 | 188.43.33.252 | 2025-04-23 | 2026-01-21 |
| IPv4 | 154.62.226.22 | 2025-03-31 | 2026-01-21 |
| IPv4 | 38.134.148.218 | 2025-03-31 | 2026-01-21 |
| IPv4 | 95.179.135.133 | 2025-03-15 | 2026-01-21 |
| IPv4 | 45.59.163.56 | 2025-03-15 | 2026-01-21 |
| IPv4 | 216.173.115.200 | 2025-03-15 | 2026-01-21 |
| IPv4 | 134.195.197.175 | 2025-02-28 | 2026-01-21 |
| IPv4 | 172.96.141.172 | 2025-02-28 | 2026-01-21 |
| IPv4 | 103.130.145.210 | 2025-02-28 | 2026-01-21 |
| IPv4 | 194.33.45.162 | 2025-02-25 | 2026-01-21 |
| IPv4 | 70.36.99.82 | 2025-02-25 | 2026-01-21 |
| IPv4 | 23.106.169.120 | 2025-02-25 | 2026-01-21 |
| IPv4 | 45.86.208.162 | 2025-02-25 | 2026-01-21 |
| IPv4 | 38.75.137.213 | 2025-02-25 | 2026-01-21 |
| IPv4 | 74.222.14.83 | 2025-02-25 | 2026-01-21 |
| IPv4 | 23.106.161.1 | 2025-02-25 | 2026-01-21 |
| IPv4 | 91.239.130.102 | 2025-02-25 | 2026-01-21 |
| IPv4 | 208.115.228.234 | 2025-02-25 | 2026-01-21 |
| IPv4 | 38.170.181.10 | 2025-01-26 | 2026-01-21 |
| IPv4 | 209.127.228.186 | 2025-01-26 | 2026-01-21 |
| IPv4 | 67.203.7.163 | 2024-10-23 | 2026-01-21 |
| IPv4 | 23.106.70.154 | 2024-10-23 | 2026-01-21 |
| IPv4 | 74.63.233.50 | 2024-09-23 | 2026-01-21 |
| IPv4 | 192.119.10.67 | 2024-09-23 | 2026-01-21 |
| IPv4 | 104.250.148.58 | 2024-09-23 | 2026-01-21 |
| IPv4 | 66.115.157.242 | 2024-09-23 | 2026-01-21 |
| IPv4 | 192.74.247.161 | 2024-09-23 | 2026-01-21 |
| IPv4 | 198.23.148.18 | 2024-09-23 | 2026-01-21 |
| IPv4 | 147.124.214.237 | 2024-05-10 | 2026-01-21 |
| IPv4 | 147.124.214.131 | 2024-04-25 | 2026-01-21 |
| IPv4 | 66.187.75.186 | 2023-07-12 | 2026-01-21 |
| IPv4 | 185.152.67.39 | 2023-07-12 | 2026-01-21 |
| DOMAIN | ip-api.com | 2022-11-14 | 2026-01-21 |
Related Actors
Related Reports
2026-02-15 •
53% Match
Beyond the Backdoor: How Contagious Interview Is Surgically Tampering with MetaMask Wallets
unpacker
Shares tags: ContagiousInterview, BeaverTail • Shares 2 IOCs • Published within a month
Shares tags: ContagiousInterview, ClickFix, PylangGhost
2026-03-09 •
50% Match
Contagious Interview: Evolution of VS Code and Cursor Tasks Infection Chains Part 2
Abstract Security
Shares tags: ContagiousInterview, GolangGhost, PylangGhost
2026-02-20 •
46% Match
GitLab doxxes North Korea .gov hackers; fresh Ivanti zero-days; AI addiction and human purpose
Security Conversations
Shares tag: ContagiousInterview • Published within a month
Shares tag: ContagiousInterview • Published within a month
Shares tag: ContagiousInterview • Published within a month