Security News > 2022 > September > North Korea's Lazarus Hackers Targeting macOS Users Interested in Crypto Jobs
The infamous Lazarus Group has continued its pattern of leveraging unsolicited job opportunities to deploy malware targeting Apple's macOS operating system.
In the latest variant of the campaign observed by cybersecurity company SentinelOne last week, decoy documents advertising positions for the Singapore-based cryptocurrency exchange firm Crypto.com.
The latest disclosure builds on previous findings from Slovak cybersecurity firm ESET in August, which delved into a similar phony job posting for the Coinbase cryptocurrency exchange platform.
Both these fake job advertisements are just the latest in a series of attacks dubbed Operation In(ter)ception, which, in turn, is a constituent of a broader campaign tracked under the name Operation Dream Job.
The intrusions commence with the deployment of a Mach-O binary, a dropper that launches the decoy PDF document containing the job listings at Crypto.com, while, in the background, it deletes the Terminal's saved state.
These attacks are not isolated, for the Lazarus Group has a history of carrying out cyber-assaults on blockchain and cryptocurrency platforms as a sanctions-evading mechanism, enabling the adversaries to gain unauthorized access to enterprise networks and steal digital funds.
News URL
https://thehackernews.com/2022/09/north-koreas-lazarus-hackers-targeting.html
Related news
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- Officials warn of Russia's tech-for-troops deal with North Korea amid Ukraine conflict (source)
- North Korean hackers employ new tactics to compromise crypto-related businesses (source)
- North Korean Hackers Target macOS Using Flutter-Embedded Malware (source)
- North Korean hackers create Flutter apps to bypass macOS security (source)
- Hackers use macOS extended file attributes to hide malicious code (source)
- Windows, macOS users targeted with crypto-and-info-stealing malware (source)
- Radiant links $50 million crypto heist to North Korean hackers (source)
- North Korea's fake IT worker scam hauled in at least $88M over six years (source)