North Korean state-sponsored threat actors are targeting macOS users with new malware, utilizing a strategy that combines two popular approaches – fake job ads, and ClickFix, experts have warned.
Security researchers Jamf confirmed they have spotted attacks in the wild using ClickFix, an attack method in which the victim is presented with a fake problem, and at the same time, presented with a fix. It is an evolution of the old “You have a virus” popup that dominated the internet in the early 2000’s. Jamf says ‘DPRK-aligned operators’ from the FlexibleFerret malware family have been creating fake companies, fake LinkedIn profiles and, most importantly – fake job ads, as part of a wider campaign called Contagious Interview.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cookies: What they are for, associated risks, and what session hijacking has to do with it
September 2, 2025
When you visit almost any website, you’ll see a pop-up asking you to accept, decline, or customize the cookies it collects. Sometimes, it just tells you that cookies are in use by default. Kaspersky researchers randomly checked 647 websites, and 563 of them displayed cookie notifications. Most of the time, users don’t even pause to think ...
- Hackers are now hiding malware in the images served up by LLMs
August 31, 2025
As AI tools become more integrated into daily work, the security risks attached to them are also evolving in new directions. Researchers at Trail of Bits have demonstrated a method where malicious prompts are hidden inside images and then revealed during processing by large language models. The technique takes advantage of how AI platforms downscale images ...
- Storm-0501’s evolving techniques lead to cloud-based ransomware
August 29, 2025
Microsoft Threat Intelligence has observed financially motivated threat actor Storm-0501 continuously evolving their campaigns to achieve sharpened focus on cloud-based tactics, techniques, and procedures (TTPs). While the threat actor has been known for targeting hybrid cloud environments, their primary objective has shifted from deploying on-premises endpoint ransomware to using cloud-based ransomware tactics. Unlike traditional on-premises ransomware, ...
- WhatsApp fixes ‘zero-click’ bug used to hack Apple users with spyware
August 29, 2025
WhatsApp said on Friday that it fixed a security bug in its iOS and Mac apps that was being used to stealthily hack into the Apple devices of “specific targeted users.” The Meta-owned messaging app giant said in its security advisory that it fixed the vulnerability, known officially as CVE-2025-55177, which was used alongside a separate ...
- How attackers adapt to built-in macOS protection
August 29, 2025
If a system is popular with users, you can bet it’s just as popular with cybercriminals. Although Windows still dominates, second place belongs to macOS. And this makes it a viable target for attackers. With various built-in protection mechanisms, macOS generally provides a pretty much end-to-end security for the end user. This post looks at how ...
- Free webinar exploring the future of cyber security in critical industries
August 28, 2025
On 5 September 2025, cyber security professionals and industry leaders will gather online for a free, expert-led webinar: “Securing systems, data, and people: What are cyber security experts’ concerns for the future?”. This session serves as a precursor to the IET’s Cyber Security for Critical Industries Conference 2025, offering attendees a valuable glimpse into the ...