Thursday, September 21, 2023

Lazarus Hackers Target Apple Mac Users With Fake Jobs


Shreya Christina

The notorious North Korean Lazarus hacking group is back in action, targeting Apple Mac users with fake job emails containing malicious files.

Researchers from cybersecurity firm ESET posted a screenshot on Twitter showing fake job openings, purportedly from leading crypto exchange Coinbase, created by Lazarus, the group famous for spreading the WannaCry ransomware worldwide in 2017.

The fake vacancy was for a technical manager, product security, at Coinbase.

“A signed Mac executable disguised as a feature description for Coinbase was uploaded to VirusTotal from Brazil. This is a copy of Operation by Lazarus for Mac,” the ESET researchers wrote in a tweet.

The fake job emails have an attachment containing malicious files that target both Intel and Apple chip-powered Mac computers.

“Malware is compiled for both Intel and Apple Silicon. It drops three files: a decoy PDF document, a bundle and a downloader,” researchers warned.

The Mac malware campaign is new and not part of previous Lazarus campaigns.

This time “the bundle was signed on July 21 (by timestamp) using a certificate issued in February 2022 to a developer named Shankey Nohria. The application was not notarized and Apple withdrew the certificate on August 12,” the researchers note.

Last month, cybersecurity researchers linked Lazarus to stealing $100 million worth of digital tokens from Harmony, the crypto startup behind Horizon Blockchain Bridge.

The Lazarus Group has committed several major cryptocurrency thefts totaling more than $2 billion, and has recently turned its attention to Decentralized Finance (DeFi) services such as cross-chain bridges, according to London-based blockchain analytics provider Elliptic.

The same group is said to be behind the $540 million Ronin Bridge hack.

