North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned.
Security researchers Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem, and at the same time, presented with a fix. It is an evolution of the old “You have a virus” popup that dominated the internet in the early 2000’s. Jamf says ‘DPRK-aligned operators’ from the FlexibleFerret malware family have been creating fake companies, fake LinkedIn profiles and, most importantly – fake job ads, as part of a wider campaign called Contagious Interview.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- United Health Centers ransomware attack claimed by Vice Society
September 24, 2021
California-based United Health Centers suffered a ransomware attack that reportedly disrupted all of their locations and resulted in patient data theft. United Health Centers is a health care provider in California with twenty-one community health centers servicing Fresno, Kings, and Tulare counties. On August 31st, BleepingComputer was told by a source in the cybersecurity industry that United ...
- Zloader malware is being spread through malicious Google ads
September 24, 2021
The malware is a key part of the cybercrime industry and recently popped up on the radar of Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA). CISA yesterday warned that ZLoader was being used to distribute the Conti ransomware service, which pays ransomware distributors a wage rather than a commission for new infections. Read more… Source: ...
- TangleBot Malware Reaches Deep into Android Device Functions
September 24, 2021
An Android malware called TangleBot has weaved its way onto the cyber-scene: One that researchers said can perform a bouquet of malicious actions, including stealing personal info and controlling apps and device functions. According to Cloudmark researchers, the newly discovered mobile malware is spreading via SMS messaging in the U.S. and Canada, using lures about COVID-19 ...
- Apple Patches 3 More Zero-Days Under Active Attack
September 24, 2021
Apple has patched three actively exploited zero-day security vulnerabilities in updates to iOS and macOS, one of which can allow an attacker to execute arbitrary code with kernel privileges. Apple released two updates on Thursday: iOS 12.5.5, which patches three zero-days that affect older versions of iPhone and iPod devices, and Security Update 2021-006 Catalina for ...
- New advanced hacking group targets governments, engineers worldwide
September 23, 2021
A new hacking group targeting entities worldwide to spy on them has been unmasked by researchers. Dubbed FamousSparrow by ESET, on Thursday, the team said that the advanced persistent threat (APT) group — many of whom are state-sponsored — is a new entry to the cyberespionage space. Believed to have been active since at least 2019, the ...
- Hackers are scanning for VMware CVE-2021-22005 targets, patch now!
September 22, 2021
Threat actors have already started targeting Internet-exposed VMware vCenter servers unpatched against a critical arbitrary file upload vulnerability patched yesterday that could lead to remote code execution. The security flaw tracked as CVE-2021-22005 impacts all vCenter Server 6.7 and 7.0 deployments with default configurations. The flaw was reported by George Noseevich and Sergey Gerasimov of SolidLab LLC, ...