North Korea Hackers Spotted Targeting Job Seekers with macOS Malware


North Korea Hackers

The North Korea-backed Lazarus Group has been observed targeting job seekers with malware capable of executing on Apple Macs with Intel and M1 chipsets.

Slovak cybersecurity firm ESET linked it to a campaign dubbed “Operation In(ter)ception” that was first disclosed in June 2020 and involved using social engineering tactics to trick employees working in the aerospace and military sectors into opening decoy job offer documents.

The latest attack is no different in that a job description for the Coinbase cryptocurrency exchange platform was used as a launchpad to drop a signed Mach-O executable. ESET’s analysis comes from a sample of the binary that was uploaded to VirusTotal from Brazil on August 11, 2022.

Read more…