North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned.
Security researchers Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem, and at the same time, presented with a fix. It is an evolution of the old “You have a virus” popup that dominated the internet in the early 2000’s. Jamf says ‘DPRK-aligned operators’ from the FlexibleFerret malware family have been creating fake companies, fake LinkedIn profiles and, most importantly – fake job ads, as part of a wider campaign called Contagious Interview.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Hacking isn’t canceled: Chinese group attacked Citrix and Zoho during coronavirus lockdown
March 25, 2020
A prolific state-backed Chinese cyber espionage operation started 2020 with one of its largest hacking campaigns – even though the coronavirus lockdown in China appeared to have an impact on the group’s output. The global operation by hacking group APT 41 – widely believed to linked to the Chinese government – targeted businesses in telecoms, manufacturing, healthcare, defence, ...
- WildPressure APT targets industrial-related entities in the Middle East
March 24, 2020
In August 2019, Kaspersky discovered a malicious campaign distributing a fully fledged C++ Trojan that we call Milum. All the victims we registered were organizations from the Middle East. At least some of them are related to industrial sector. Our Kaspersky Threat Attribution Engine (KTAE) doesn’t show any code similarities with known campaigns. Nor have ...
- Monitoring ICS Cyber Operation Tools and Software Exploit Modules To Anticipate Future Threats
March 23, 2020
There has only been a small number of broadly documented cyber attacks targeting operational technologies (OT) / industrial control systems (ICS) over the last decade. While fewer attacks is clearly a good thing, the lack of an adequate sample size to determine risk thresholds can make it difficult for defenders to understand the threat environment, ...
- Hackers breach FSB contractor and leak details about IoT hacking project
March 20, 2020
Russian hacker group Digital Revolution claims to have breached a contractor for the FSB — Russia’s national intelligence service — and discovered details about a project intended for hacking Internet of Things (IoT) devices. The group published this week 12 technical documents, diagrams, and code fragments for a project called “Fronton.” Read more… Source: ZDNet
- Developing Story: Coronavirus Used in Malicious Campaigns
March 20, 2020
The coronavirus disease (COVID-19) is being used in a variety of malicious campaigns including email spam, BEC, malware, ransomware, and malicious domains. As the number of those afflicted continue to surge by thousands, campaigns that use the disease as a lure likewise increase. Trend Micro researchers are periodically sourcing for samples on coronavirus-related malicious campaigns. This report also includes ...
- New Mirai Variant Targets Zyxel Network-Attached Storage Devices
March 19, 2020
As soon as the proof-of-concept (PoC) for CVE-2020-9054 was made publicly available last month, this vulnerability was promptly abused to infect vulnerable versions of Zyxel network-attached storage (NAS) devices with a new Mirai variant – Mukashi. Mukashi brute forces the logins using different combinations of default credentials, while informing its command and control (C2) server of the successful ...