North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams
(thehackernews.com)
from IllNess@infosec.pub to securitynews@infosec.pub on 07 Sep 2024 18:19
https://infosec.pub/post/17234424
from IllNess@infosec.pub to securitynews@infosec.pub on 07 Sep 2024 18:19
https://infosec.pub/post/17234424
“After an initial chat conversation, the attacker sent a ZIP file that contained COVERTCATCH malware disguised as a Python coding challenge,” researchers Robert Wallace, Blas Kojusner, and Joseph Dobson said.
The malware functions as a launchpad to compromise the target’s macOS system by downloading a second-stage payload that establishes persistence via Launch Agents and Launch Daemons.
#securitynews
threaded - newest