North Korean hackers are targeting Apple Mac devices with updated malware


North Korean state-sponsored threat actors are once again setting up fake job interviews in a bid to infect unsuspecting victims with infostealing malware – but this time around, they are focusing on Apple users.

Cybersecurity researcher Patrick Wardle recently discovered a new variant of BeaverTail, a known infostealer capable of grabbing sensitive information from web browsers (including Google Chrome, Brave, and Opera), cryptocurrencies, login credentials, iCloud Keychain, and more. BeaverTail can also serve as a dropper, deploying the InvisibleFerret backdoor for persistent remote access.

Read more…
Source: MSN News


Sign up for our Newsletter


Related:

  • North Korean hackers are targeting Apple Mac devices with updated malware

    July 19, 2024

    North Korean state-sponsored threat actors are once again setting up fake job interviews in a bid to infect unsuspecting victims with infostealing malware – but this time around, they are focusing on Apple users. Cybersecurity researcher Patrick Wardle recently discovered a new variant of BeaverTail, a known infostealer capable of grabbing sensitive information from web browsers ...

  • APT41 Has Arisen From the DUST

    July 18, 2024

    Recently, Mandiant became aware of an APT41 intrusion where the malicious actor deployed a combination of ANTSWORD and BLUEBEAM web shells for persistence. These web shells were identified on a Tomcat Apache Manager server and active since at least 2023. APT41 utilized these web shells to execute certutil.exe to download the DUSTPAN dropper to stealthily load ...

  • New Bugsleep Backdoor Deployed In Recent Muddywater Campaigns

    July 15, 2024

    MuddyWater, an Iranian threat group affiliated with the Ministry of Intelligence and Security (MOIS), is known to be active since at least 2017. During the last year, MuddyWater engaged in widespread phishing campaigns targeting the Middle East, with a particular focus on Israel. Since October 2023, the actors’ activities have increased significantly. Their methods remain consistent, ...

  • iPhone users in 98 countries warned about spyware by Apple

    July 12, 2024

    In April 2024, we reported how Apple was warning people of mercenary attacks via its threat notification system. At the time it warned users in 92 countries. In a new round, Apple is now warning users in 98 countries of potential mercenary spyware attacks. The message sent to the affected users says: “Apple detected that you ...

  • Insights on Cyber Threats Targeting Users and Enterprises in Brazil

    July 12, 2024

    Individuals and organizations in Brazil face a unique cyber threat landscape because it is a complex interplay of global and local threats, posing significant risks to individuals, organizations, and critical sectors of Brazilian society. Many of the cyber espionage threat actors that are prolific in campaigns across the globe are also active in carrying out attempted ...

  • OilAlpha targets Arabic-speaking humanitarian NGOs in Yemen

    July 12, 2024

    OilAlpha continues to target Arabic-speaking entities, as well as those interested in humanitarian organizations and NGOs operating in Yemen. According to reports, users are lured to a deceptive web portal that mimics the generic login interfaces of humanitarian organizations such as CARE International and the Norwegian Refugee Council, with the aim of stealing credentials. It appears ...