8/5/2023

Lazarus group Mac-based attack

The interception.dll malware posts fake job offers to bait innocent victims, usually via LinkedIn. ESET researchers observed that the operation's main goal was surveillance, but they also found incidents of the threat actors using a target's email account through a business email compromise (BEC) to finalize the operation. The binary can exploit Macs equipped with Intel processors and with Apple's new M1 chipset.

ESET experts began researching Operation In(ter)ception around three years ago, when they found attacks against military and aerospace companies. Lazarus made the latest rebuild of the malware, Interception.dll, to deploy on Macs by loading three files: the fake Coinbase job offer and two executables, FinderFontsUpdater.app and safarifontsagent.

"The FBI blamed Lazarus for stealing $625 million in cryptocurrency from Ronin Network, which operates a blockchain platform for the popular NFT game Axie Infinity," reports DarkReading. "The ongoing campaign and others from North Korea remain frustrating for government officials."

ESET's warning on Twitter says that Lazarus posted the fake job offer to VirusTotal from Brazil. Threat experts at ESET (an endpoint detection provider) warned this week that they had found a Mac executable disguised as a job description for an engineering manager position at the well-known cryptocurrency exchange operator Coinbase.

The state-sponsored group continues to launch phishing attacks under the disguise of fake job opportunities. The advanced persistent threat (APT) group Lazarus, linked to North Korea, is expanding its attack base with its current Operation In(ter)ception campaign, which targets Macs with Apple's M1 chip.