New macOS malware chain could cause a major security headache


North Korean state-sponsored threat actors are targeting macOS users with new malware, using a strategy that combines two popular approaches: fake job ads and ClickFix, experts have warned.

Security researchers at Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem and, at the same time, with a fix for it. It is an evolution of the old “You have a virus” popup that dominated the internet in the early 2000s. Jamf says ‘DPRK-aligned operators’ associated with the FlexibleFerret malware family have been creating fake companies, fake LinkedIn profiles and, most importantly, fake job ads, as part of a wider campaign called Contagious Interview.

Source: TechRadar News

