Now Hiring: Are you a driven and motivated 1st Line IT Support Engineer?

 

Call Anytime 24/7

 
Mail Us For Support
 
Office Address

North Korean Threat Actors Deploy COVERTCATCH Malware

Threat Intelligence

North Korean hackers are using LinkedIn job scams to distribute COVERTCATCH malware, targeting developers with fake job offers. The attack starts with a coding test that delivers malware disguised as a Python challenge. Once inside the target’s macOS system, it installs a second-stage payload to maintain persistence and steal credentials.

Key Points
• Malware spread via LinkedIn job scams targeting developers.
• Initial infection uses Python coding challenges.
• Malware gains persistence through Launch Agents on macOS.
• Targets include Web3 organizations and cryptocurrency firms.
• North Korea employs social engineering and software supply chain attacks.

Link: North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams (thehackernews.com)

Leave A Comment

Your email address will not be published. Required fields are marked *