North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned.
Security researchers Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem, and at the same time, presented with a fix. It is an evolution of the old “You have a virus” popup that dominated the internet in the early 2000’s. Jamf says ‘DPRK-aligned operators’ from the FlexibleFerret malware family have been creating fake companies, fake LinkedIn profiles and, most importantly – fake job ads, as part of a wider campaign called Contagious Interview.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Loose-lipped neural networks and lazy scammers
October 31, 2024
One topic being actively researched in connection with the breakout of LLMs is capability uplift – when employees with limited experience or resources in some area become able to perform at a much higher level thanks to LLM technology. This is especially important in information security, where cyberattacks are becoming increasingly cost-effective and larger-scale, causing ...
- Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network
October 31, 2024
Since August 2023, Microsoft has observed intrusion activity targeting and successfully stealing credentials from multiple Microsoft customers that is enabled by highly evasive password spray attacks. Microsoft has linked the source of these password spray attacks to a network of compromised devices we track as CovertNetwork-1658, also known as xlogin and Quad7 (7777). Microsoft is publishing ...
- Android malware FakeCall intercepts your calls to the bank
October 31, 2024
An Android banking Trojan called FakeCall is capable of hijacking the phone calls you make to your bank. Instead of reaching your bank, your call will be redirected to the cybercriminals. The Trojan accomplishes this by installing itself as the default call handler on the infected device. The default call handler app is responsible for managing ...
- Peru: Cybercriminals demand 4 million dollars for Interbank customer data
October 31, 2024
Organized crime in Peru has taken a worrying turn, extending its activities from attacks on public transport companies and kidnapping businessmen to cybercrime. These criminals use advanced technology to extort money from large companies, including the recent attack on Interbank bank. Reportedly criminals have breached Interbank’s security systems, stealing the database of millions of customers and ...
- Bedfordshire is the UK’s cyber crime capital
October 30, 2024
The rate in Bedfordshire was nearly four times higher than neighbouring Hertfordshire, which saw 1,300 incidents among its 1.2 million population, reveals analysis of National Fraud Intelligence Bureau (NFIB) data by IT experts Computer Care. Lincolnshire was the police area least affected by cyber crime, with only 438 reports among the one million population – equal ...
- Ireland: Almost 7,000 Government data breaches over last ten years
October 30, 2024
There have been 6,885 data breaches across Government departments over the last ten years. More than half of the breaches, 3,637 of them, occurred at the Department of Social Protection. The Department of Justice accounted for 862 of the breaches, with 757 breaches reported at the Department of Foreign Affairs. The majority of the data breaches ...