North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams
Open link in next tab
North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams
https://thehackernews.com/2024/09/north-korean-threat-actors-deploy.html
North Korean hackers target developers via LinkedIn job scams, spreading malware to infiltrate Web3 and crypto firms.
"After an initial chat conversation, the attacker sent a ZIP file that contained COVERTCATCH malware disguised as a Python coding challenge," researchers Robert Wallace, Blas Kojusner, and Joseph Dobson said.
The malware functions as a launchpad to compromise the target's macOS system by downloading a second-stage payload that establishes persistence via Launch Agents and Launch Daemons.