North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned.
Security researchers Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem, and at the same time, presented with a fix. It is an evolution of the old “You have a virus” popup that dominated the internet in the early 2000’s. Jamf says ‘DPRK-aligned operators’ from the FlexibleFerret malware family have been creating fake companies, fake LinkedIn profiles and, most importantly – fake job ads, as part of a wider campaign called Contagious Interview.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Europol: 12 Targeted For Involvement In Ransomware Attacks Against Critical Infrastructure
October 29, 2021
A total of 12 individuals wreaking havoc across the world with ransomware attacks against critical infrastructure have been targeted as the result of a law enforcement and judicial operation involving eight countries. These attacks are believed to have affected over 1 800 victims in 71 countries. These cyber actors are known for specifically targeting large corporations, ...
- TrickBot malware dev extradited to U.S. faces 60 years in prison
October 29, 2021
A Russian national believed to be a member of the TrickBot malware development team has been extradited to the U.S. and is currently facing charges that could get him 60 years in prison. 38-year old Vladimir Dunaev, also known as FFX, was a malware developer that supervised the creation of TrickBot’s browser injection module, the indictment ...
- Schreiber Foods back to normal after ransomware attack shuts down milk plants
October 29, 2021
Schreiber Foods said its plants and distribution centers are back up and running after a ransomware attack took down their systems earlier last weekend. The food production giant became the latest critical industry company to be hit with ransomware in recent months as cybercriminals continue to show little fear in attacking a variety of industries. Schreiber ...
- Suspected REvil Gang Insider Identified
October 28, 2021
He lolls around on yachts, wears a luxury watch with a Bitcoin address engraved on its dial, and is suspected of buying it all with money he made as a core member of the REvil ransomware gang. The showy billionaire goes by “Nikolay K.”on social media, and German police are hoping he’ll cruise out of Russia ...
- Network Scanning Traffic Observed in Public Clouds
October 28, 2021
Tracking network scanning activities can help researchers understand which services are being targeted. By monitoring the origins of the scanners, researchers can also identify compromised endpoints. If a host belonging to a known organization suddenly starts to scan a part of the internet, it is a strong indicator that the host is compromised. This blog summarizes ...
- EU Green Pass-generation keys stolen – sources
October 27, 2021
Some of the keys used to generate the European Green Pass have been stolen and distributed on programming networks to create false COVID-19 health certificates, qualified Italian sources said on Wednesday. A series of meetings at the EU level were being held on Wednesday to examine the situation, according to the sources. Read more… Source: ANSA News