Security researchers have detailed a phishing simulation mimicking the Lazarus Group's 'Contagious Interview' campaign. The North Korean APT group targets developers with fake job offers, tricking them into cloning a malicious GitHub repository. When opened in VS Code, the project exploits the editor's workspace trust feature to auto-execute hidden scripts, compromising victims.

This simulation serves as a crucial training tool, educating developers on real-world social engineering tactics. By building a safe, educational version, organizations can measure security awareness and teach teams to scrutinize unsolicited job offers and inspect `.vscode/tasks.json` files for suspicious auto-run configurations before trusting any project.

The article provides a technical deep dive, outlining the attack's kill chain and offering step-by-step guidance for deploying an authorized awareness campaign. It emphasizes strict ethical use, requiring organizational approval and anonymized data collection. The goal is to foster a security-first culture where developers learn to verify sources and report suspicious activity, ultimately strengthening defenses against sophisticated state-sponsored threats.