Explorer

North Korea's Lazarus Group Infamous For WannaCry Hack Now Targets Mac Users With Fake Job Posts

North Korean hacking group Lazarus is on the prowl again and it is now phishing Mac users with fake job posts that contain malicious files.

North Korean hacking group Lazarus is on the prowl again and it is now phishing Mac users with fake job posts that contain malicious files. The hacking was discovered by security researchers at ESET who mentioned that the Lazarus group's latest phishing attempts make use of fake phone calls and advertise fake Coinbase Inc developer jobs.

"#ESETresearch #BREAKING A signed Mac executable disguised as a job description for Coinbase was uploaded to VirusTotal from Brazil 🇧🇷. This is an instance of Operation In(ter)ception by #Lazarus for Mac. @pkalnai @dbreitenbacher," ESET Research recently tweeted.

According to the security researchers at ESET, the hacking link that is being circulated is compiled for both Intel and Apple Silicon. "Malware is compiled for both Intel and Apple Silicon. It drops three files: a decoy PDF document Coinbase_online_careers_2022_07.pdf, a bundle http://FinderFontsUpdater.app  and a downloader safarifontagent. It is similar to #ESETresearch discovery in May."

It should be noted that the phishing campaign has so far been successfully blocked, however, the result could have been far worse. According to Kevin Bocek, the Vice President of Security Strategy and Threat Intelligence at Venafi Inc, was quoted as saying by publication Silicone Angle: “This attack targeting developers with signed executables has the potential to inflict huge damage on North Korea’s rivals."

“A key component of the attack is the use of a signed executable disguised as a job description. Code signing certificates have become the modus operandi for many North Korean APT groups, as these digital certificates are the keys to the castle, securing communication between machines of all kinds, from servers to applications, Kubernetes clusters and microservices.”

To recall, North Korean Lazarus Group is infamous for having an extensive track record of targeting potential victims. Lazarus is best known for being behind the WannaCry ransomware spread in 2017 that struck more than 150 countries. The Lazarus Group has regularly popped up since the WannaCry hack of 2017.

Top Headlines

Gigabyte Gaming A16, Its First Made-In-India Gaming Laptop, Debuts With AMD Ryzen Power
Gigabyte Gaming A16, Its First Made-In-India Gaming Laptop, Debuts With AMD Ryzen Power
Will OnePlus Walk Out Of India Amid Oppo Overhaul? What US, Europe Exit Signals
Will OnePlus Walk Out Of India Amid Oppo Overhaul? What US, Europe Exit Signals
Samsung Galaxy Watch 9, Galaxy Watch Ultra 2 All But Confirmed In Latest Teaser
Samsung Galaxy Watch 9, Galaxy Watch Ultra 2 All But Confirmed In Latest Teaser
Samsung Galaxy Z Fold 8 Price In India May Cross Rs 1.8 Lakh, Leaks Point At Dual-Fold Strategy
Samsung Galaxy Z Fold 8 Price In India May Cross Rs 1.8 Lakh, Leaks Point At Dual-Fold Strategy

Videos

Breaking: Aamir Khan Clarifies 3 Idiots Link With Sonam Wangchuk Amid Social Media Debate
Gujarat ATS Action: Five Jaish-Linked Suspects Arrested Over Alleged Terror Plot
PM Modi Jind Roadshow: Prime Minister Flags Off India’s First Hydrogen Train in Haryana
UP Politics: CM Yogi Targets SP-Congress in Shamli, Appeals for Discipline During Kanwar Yatra
Nitin Gadkari EXCLUSIVE: E20 Petrol Reduces Mileage? Gadkari Explains Engine Damage & Ethanol Facts

Photo Gallery

25°C
New Delhi
Rain: 100mm
Humidity: 97%
Wind: WNW 47km/h
See Today's Weather
powered by
Accu Weather
Embed widget