North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned.
Security researchers Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem, and at the same time, presented with a fix. It is an evolution of the old “You have a virus” popup that dominated the internet in the early 2000’s. Jamf says ‘DPRK-aligned operators’ from the FlexibleFerret malware family have been creating fake companies, fake LinkedIn profiles and, most importantly – fake job ads, as part of a wider campaign called Contagious Interview.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Personal data stolen from unsuspecting airport visitors and plane passengers in “evil twin” attacks
July 1, 2024
The Australian Federal Police (AFP) have charged a man for setting up fake free WiFi access points in order to steal personal data from people. The crime was discovered when an airline reported a suspicious WiFi network identified by its employees during a domestic flight. When the alleged perpetrator landed at Perth airport, his bags were ...
- LockBit ransomware attack stole data on millions of Infosys McCamish users
July 1, 2024
When LockBit ransomware affiliates struck Infosys McCamish Systems (IMS) in late 2023, they did not steal sensitive information on some 57,000 people, as was initially thought. Instead, the threat actors stole valuable intel on more than six million people, a new report the IMS shared with the US authorities has said. The type of information stolen ...
- SentinelLabs uncovers new CapraRAT spyware targeting Android users
July 1, 2024
A new report released today by SentinelLabs, warns of a resurgence of CapraRAT spyware targeting mobile gamers and weapons enthusiasts through malicious Android applications. CapraRAT is an Android remote-access trojan virus used by a Pakistan-linked threat actor called Transparent Tribe, also known as APT36, which first emerged around 2018. The malware has primarily been used for ...
- The biggest data breaches in 2024: 1B stolen records and rising
June 29, 2024
We’re over halfway through 2024, and already this year we have seen some of the biggest, most damaging data breaches in recent history. And just when you think that some of these hacks can’t get any worse, they do. From huge stores of customers’ personal information getting scraped, stolen and posted online, to reams of medical ...
- Remote access giant TeamViewer says Russian spies hacked its corporate network
June 28, 2024
TeamViewer, the company that makes widely used remote access tools for companies, has confirmed an ongoing cyberattack on its corporate network. In a statement Friday, the company attributed the compromise to government-backed hackers working for Russian intelligence, known as APT29 (and Midnight Blizzard). The Germany-based company said its investigation so far points to an initial intrusion on ...
- 2024 U.S. Federal Elections: The Insider Threat
June 28, 2024
The Federal Bureau of Investigation (FBI), in coordination with the Department of Homeland Security’s (DHS) Office of Intelligence and Analysis (I&A), the Cybersecurity and Infrastructure Security Agency (CISA), and the U.S. Election Assistance Commission (EAC) prepared this overview to help partners defend against insider threat concerns that could materialize during the 2024 election cycle. For years, ...