North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned.
Security researchers Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem, and at the same time, presented with a fix. It is an evolution of the old “You have a virus” popup that dominated the internet in the early 2000’s. Jamf says ‘DPRK-aligned operators’ from the FlexibleFerret malware family have been creating fake companies, fake LinkedIn profiles and, most importantly – fake job ads, as part of a wider campaign called Contagious Interview.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Toyota confirms customer and employee data stolen, says breach at third party to blame
August 21, 2024
Last week, a cybercriminal using the handle ZeroSevenGroup dumped 240GB of data on the infamous stolen data site BreachForums, that they said came from a hack on the US branch of car manufacturer Toyota. ZeroSevenGroup claims the dump includes customer and employee data. Toyota told BleepingComputer that a breach at a third party had led to the ...
- Selling Ransomware Breaches: 4 Trends Spotted on the RAMP Forum
August 20, 2024
The sale and purchase of unauthorized access to compromised enterprise networks has become a linchpin for cybercriminal operations, particularly in facilitating ransomware attacks. Underground forums are sharing guidelines on breaching networks and selling the access they obtain, leaving the exploitation to other malicious actors. On underground criminal forums, these transactions allow actors with complementary skills to ...
- BVI Electricity Corporation suffers cyber attack
August 20, 2024
The BVI Electricity Corporation (BVIEC) announced on Monday, August 19, that it had fallen victim to a cyberattack. The power company stated that the attack has impacted both their internal and external operations. While the full details of the cyberattack have not been disclosed, BVIEC has assured the public that they are working closely with experts ...
- Ransomware attacks surge over 60% in UK and US
August 20, 2024
Malwarebytes’ 2024 State of Ransomware report published today (20 August) shows a surge in malicious activity on US and UK businesses. The “ThreatDown 2024 State of Ransomware” report reveals an alarming increase in ransomware attacks over the past year. In the US there has been a 63% increase in ransomware attacks on organisations and businesses, with ...
- Amsterdam municipality bans Telegram on work phones over security concerns
August 19, 2024
The municipality of Amsterdam has banned its civil servants from using the messaging app Telegram on their work phones due to concerns over criminal activity and potential espionage, local media reported on Monday. The ban, which was implemented at the end of April but only recently made public, is attributed to fears that Telegram could be ...
- Hacked GPS tracker reveals location data of customers
August 19, 2024
Stalkerware researcher maia arson crimew strikes again. Big time. We know maia as a researcher that loves to go after stalkerware peddlers, which Malwarebytes—as one of the founding members of the Coalition Against Stalkerware—loves to see. The investigation into Tracki, besides uncovering a tangled web of companies, dubious websites, and false identities, also led to a ...