SecurityScorecard describes a Famous Chollima job-recruitment lure against one of its developers under the Contagious Interview campaign. The attacker used LinkedIn and crypto-related targeting data to push a Bitbucket coding test, where the repository deployed BeaverTail and attempted to fetch the InvisibleFerret second stage. SecurityScorecard says the target was a developer interested in crypto and that the operation likely sought cryptocurrency access or related intellectual property rather than ordinary credential phishing. The company's STRIKE team isolated the device before the second-stage malware could establish deeper access.