North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned.
Security researchers Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem, and at the same time, presented with a fix. It is an evolution of the old “You have a virus” popup that dominated the internet in the early 2000’s. Jamf says ‘DPRK-aligned operators’ from the FlexibleFerret malware family have been creating fake companies, fake LinkedIn profiles and, most importantly – fake job ads, as part of a wider campaign called Contagious Interview.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Kansas: First responders impacted by City of Wichita cyber attack
May 8, 2024
The City of Wichita is staying tight-lipped on details about a cyber attack that led to the shutdown of some of its online systems. Getting details on the cybersecurity attack, how it happened and what information could be at risk has been a challenge. The City has not had answers to many of KSN’s questions. What ...
- Dmitry Khoroshev named as alleged leader of ransomware gang LockBit
May 7, 2024
The alleged leader of what was once the world’s largest ransomware outfit, LockBit, has been named as Russian national Dmitry Khoroshev by the UK’s National Crime Agency (NCA), after the seizure of the criminal gang’s infrastructure. Khoroshev, who lived his online life under the name LockBitSupp, has been sanctioned by the UK, US and Australia as ...
- China suspected of hacking UK armed forces payroll
May 7, 2024
The government suspects China was behind the hack of an armed forces payroll system, the BBC understands. Defence Secretary Grant Shapps will not identify a specific culprit when he addresses MPs today, but is expected to warn of the dangers posed by cyber espionage from hostile states. The system used by the Ministry of Defence (MoD) ...
- Exploits and vulnerabilities in Q1 2024
May 7, 2024
Software vulnerabilities that threat actors can exploit or are already actively exploiting are a critical component of evolving cyberthreat landscape. In this report, Kaspersky researchers present a series of insightful statistical and analytical snapshots relating to the trends in the emergence of new vulnerabilities and exploits, as well as the most prevalent vulnerabilities being used by ...
- UK: Cyber attack on Scots health board sees stolen data published on dark web
May 7, 2024
A large volume of data stolen during a cyber attack on a health board has been published by a ransomware group. Cyber criminals were able to access a significant amount of data including patient and staff-identifiable information during the attack on NHS Dumfries and Galloway which began at the end of February. Data relating to a ...
- Financial cyberthreats in 2023
May 6, 2024
Money is what always attracts cybercriminals. A significant share of scam, phishing and malware attacks is about money. With trillions of dollars of digital payments made every year, it is no wonder that attackers target electronic wallets, online shopping accounts and other financial assets, inventing new techniques and reusing good old ones. Amid the current threat ...