North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned.
Security researchers Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem, and at the same time, presented with a fix. It is an evolution of the old “You have a virus” popup that dominated the internet in the early 2000’s. Jamf says ‘DPRK-aligned operators’ from the FlexibleFerret malware family have been creating fake companies, fake LinkedIn profiles and, most importantly – fake job ads, as part of a wider campaign called Contagious Interview.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Island hopping: The latest security threat you should be aware of
March 12, 2019
While island hopping sounds like a great way to spend a holiday in Thailand or Greece, the term also refers to an advanced cyber attack technique. Though it’s not a new phenomenon, this type of attack increased in prevalence in 2018 and will likely become more and more common. The name ‘island hopping’ comes from a WWII ...
- New SLUB Backdoor Uses GitHub, Communicates via Slack
March 11, 2019
In mid-February, Kaspersky Lab received a request for incident response from one of its clients. The individual who initially reported the issue to our client refused to disclose the origin of the indicator that they shared. What we do know is that it was a screenshot from one of the client’s internal computers taken on ...
- Operational Technology Widens Supply Chain Attack Surfaces
March 8, 2019
Today’s supply chain has evolved, with operational technology (OT) used in factories increasingly becoming connected and converging with IT systems — introducing new attack vectors. This new reality is vital for companies to understand in the context of risk, according to Dawn Cappelli, vice president of global security and CISO at Rockwell Automation and Edna Conway, ...
- New SLUB Backdoor Uses GitHub, Communicates via Slack
March 7, 2019
We recently came across a previously unknown malware that piqued our interest in multiple ways. For starters, we discovered it being spread via watering hole attacks, a technique that involves an attacker compromising a website before adding code to it so visitors are redirected to the infecting code. In this case, each visitor is redirected only ...
- Data-Wiping Cyberattacks Plague Financial Firms
March 6, 2019
Over a quarter of surveyed financial institutions reported that they were targeted by destructive cyberattacks over the past year, bent on completely destroying data. That’s according to a new Carbon Black report unveiled at RSA this year. The report, “Modern Bank Heists: The Bank Robbery Shifts to Cyberspace,” outlines the top attacks that financial firms are facing ...
- IoT Devices Under Constant Attack
March 4, 2019
‘Secure your IoT devices’ is the message from security specialist Cyxtera Technologies, after research found that IoT devices are now under constant attack. The research was conducted jointly by Cyxtera threat researcher Martin Ochoa and researchers from the Singapore University of Technology and Design. They detected more than 150 million connection attempts to 4,642 distinct IP addresses ...