Security researchers have linked a new macOS malware campaign to the Lazarus Group, the North Korea-linked hacking operation behind some of the crypto industry’s biggest thefts.
Flagged on Tuesday, the new “Mach-O Man” malware kit is distributed via “ClickFix” social engineering schemes across traditional businesses and crypto companies, according to Mauro Eldritch, offensive security expert and founder of threat intelligence company BCA Ltd.
Victims are lured into a fake Zoom or Google Meet call where they are prompted to execute commands that download the malware in the background, allowing attackers to bypass traditional controls without detection to gain access to credentials and corporate systems, the security researcher said in a Tuesday report.
Researchers said the…
more
Source cointelegraph.com
Terms of use and third-party services. More here.