This PDF malware attacks Apple Mac users! DON’T fall for it; know what experts say
Technology

This PDF malware attacks Apple Mac users! DON’T fall for it; know what experts say

By Daisy

Cybersecurity researchers have found this malicious malware hidden inside a PDF for job offers! Apple Mac users are in danger from this malware. Know the details here.

Cybersecurity researchers have discovered a new phishing attack that deploys dangerous malware to macOS devices. So far, this malware was limited to the Windows platform, but in the latest development, security researchers at cybersecurity company ESET found that North Korean hackers from the Lazarus group have been using a malicious file for macOS to lure the employees into the financial technology sector.

In the past, the hackers of the Lazarus group have used several tactics to create fake job offers, and recently, they used a PDF file loaded with malware propagated with details about a hiring position at Coinbase. The fake document named “Coinbase_online_careers_2022_07” was generated to bring the attention of job seekers and loaded a malicious DLL on the device. It ultimately allows the hackers to take control of the infected device. ESET, the cybersecurity company has also found that malware is ready to infect the macOS systems.

Who is under threat from this malware?

“A signed Mac executable disguised as a job description for Coinbase was uploaded to VirusTotal from Brazil. This is an instance of Operation In(ter)ception by #Lazarus for Mac,” the cybersecurity researchers informed via tweet. They further informed that the malicious PDF file is compiled for Macs with both Intel and Apple silicon. This means your Mac device is under threat whether you have a newer model or an old model of the Mac.

Once the malware is transported to your device, it drops three files on your system, namely: the bundle FinderFontsUpdater.app, the downloader safarifontagent, and a decoy PDF called “Coinbase_online_careers_2022_07” PDF. The researchers noticed that the fake malicious document file was signed on July 21.

However, this is not the first time that the group of Lazarus hackers have targeted Mac users. Last year, a similar campaign targeting macOS users was identified while using the same fake job profile offer tactic but with a different PDF file.

Thankfully, Apple has revoked the certificate on August 12, the cybersecurity team of ESET confirmed. However, the application was not notarized – an automatic process that Apple uses to check software for malicious components.

For all the latest Technology News Click Here 

Read original article here

Denial of responsibility! TechAI is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Daisy 75553 posts 0 comments