News Tech: Lazarus, a North Korean hacking collective, is again on the prowl and is currently scamming Mac users with false job postings that are actually malware files. Security researchers at ESET said that the Lazarus group’s most recent phishing attempts use phoney phone calls and advertise false Coinbase Inc developer jobs when they first learned about the hacking.
According to the security researchers at ESET, the hacking link that is being circulated is compiled for both Intel and Apple Silicon. “Malware is compiled for both Intel and Apple Silicon. It drops three files: a decoy PDF document Coinbase_online_careers_2022_07.pdf, a bundle http://FinderFontsUpdater.app and a downloader safarifontagent. It is similar to #ESETresearch discovery in May.”
“#ESETresearch #BREAKING A signed Mac executable disguised as a job description for Coinbase was uploaded to VirusTotal from Brazil 🇧🇷. This is an instance of Operation In(ter)ception by #Lazarus for Mac. @pkalnai @dbreitenbacher,” ESET Research recently tweeted.
It should be noted that the phishing campaign has so far been successfully blocked, however, the result could have been far worse. According to Kevin Bocek, the Vice President of Security Strategy and Threat Intelligence at Venafi Inc, was quoted as saying by publication Silicone Angle: “This attack targeting developers with signed executables has the potential to inflict huge damage on North Korea’s rivals.”
Check the latest news about tech news section for best information.