North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned.
Security researchers Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem, and at the same time, presented with a fix. It is an evolution of the old “You have a virus” popup that dominated the internet in the early 2000’s. Jamf says ‘DPRK-aligned operators’ from the FlexibleFerret malware family have been creating fake companies, fake LinkedIn profiles and, most importantly – fake job ads, as part of a wider campaign called Contagious Interview.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Wichita airport still without Wi-Fi months after cyber attack
August 19, 2024
It’s been more than three months since a cyber attack on Wichita took the city’s computer systems offline, and one city service is still not completely back to normal. Dwight D. Eisenhower National Airport was impacted by May’s attack. The airport’s Wi-Fi services went down, as well as its departure and arrival screens. While the screens ...
- UK to conduct review on tackling ‘extremist ideologies’, including misogyny
August 18, 2024
UK Home Secretary Yvette Cooper has ordered a review of the United Kingdom’s counterterrorism strategy on how to best tackle threats by “extremist ideologies” including misogyny. Other ideological trends to be investigated by the Home Office include “Islamism” and far-right “extremism”. Cooper said the strategy will “map and monitor extremist trends” and gauge how to direct ...
- How the ransomware attack at Change Healthcare went down: A timeline
August 17, 2024
A ransomware attack earlier this year on UnitedHealth-owned health tech company Change Healthcare likely stands as one of the largest data breaches of U.S. health and medical data in history. Months after the February data breach, a “substantial proportion of people living in America” are receiving notice by mail that their personal and health information was ...
- Unmasking Styx Stealer: How a Hacker’s Slip Led to an Intelligence Treasure Trove
August 16, 2024
In the shadowy world of cybercrime, even the most cunning hackers can make blunders that expose their operations. In this article CPR describes the discovery of Styx Stealer, a new malware variant derived from the notorious Phemedrone Stealer. Check Point investigation revealed critical missteps by the developer of Styx Stealer, including a significant operational security (OpSec) ...
- ‘Keyboard warrior’ jailed for part in UK disorder
August 16, 2024
A man who posted material on social media to stir up racial hatred during recent unrest across the UK has been jailed for three years. Wayne O’Rourke, who had more than 90,000 followers to his X account, posted misinformation about the killing of three young girls in Southport on 29 July and praised the burning of ...
- Rogue AI is the Future of Cyber Threats
August 15, 2024
Yoshua Bengio, regarded as one of the “godfathers” of artificial intelligence, has likened the now-ubiquitous technology to a bear. When we teach the bear to become smart enough to escape its cage, we no longer control it. All we can do after that is try to build a better cage. This should be our goal with ...