b2b-daily
Home | IT | Cyber Security

North Korean Hackers Target Job Seekers and Developers with New MacOS Malware

Avatar photo
by Dwaine Evans
February 5, 2025
North Korean Hackers Target Job Seekers and Developers with New MacOS Malware

In a burgeoning wave of cyber threats, North Korean hackers have launched an insidious campaign targeting job seekers and developers, utilizing a sophisticated variant of the macOS Ferret malware family. This ominous campaign, dubbed “Contagious Interview,” has been traced to North Korean threat actors who deceitfully pose as job interviewers to trick victims into downloading malware onto their systems. The campaign’s malware arsenal includes several pernicious variants: FROSTYFERRET_UI, FRIENDLYFERRET_SECD, MULTI_FROSTYFERRET_CMDCODES, and BeaverTail, which deploys the nefarious Python backdoor known as InvisibleFerret. SentinelOne researchers recently unearthed another variant, FlexibleFerret, which first surfaced in November 2023, ingeniously circumventing Apple’s robust XProtect detection.

The Expanding Target Base

Initially targeting job seekers, this harmful campaign has now broadened its scope to ensnare developers. When the malware gains access to a victim’s system, it commences a series of malicious actions, starting with executing a shell script to install a persistence agent, thus ensuring it reactivates even after system reboots. The malware disguises itself as legitimate software updates, such as mimicking a Google Chrome update, allowing it to stealthily extract sensitive information from compromised devices, specifically aiming at web browsers and cryptocurrency wallets to harvest crucial data.

The progression of these malware strains highlights a broader trend in cybersecurity, where threat actors are constantly evolving their methods to outsmart advanced security protocols. The techniques employed in the FlexibleFerret variant emphasize this relentless pursuit of greater deceit and efficiency in evading detection. These developments serve as a stark reminder of the ongoing threats posed by state-sponsored cybercriminals, emphasizing the need for enhanced cybersecurity measures. By examining the technical details of these malware variants, the research underscores the crucial importance of vigilance and robust security practices amidst ever-evolving cyber threats.

Information Security

Explore more

What Guardrails Make AI Safe for UK HR Decisions?
April 28, 2026

Lead: The Moment a Black Box Decides Pay and Potential A single unseen line of code can tilt a shortlist, nudge a rating, and quietly reroute a career overnight, while no one in the room can say exactly why the machine chose that path. Picture a candidate rejected by an algorithm later winning an unfair discrimination claim; the tribunal asks

Is AI Fueling Skillfishing, and How Can Hiring Fight Back?
April 28, 2026

The Hook: A Resume That Worked Too Well Lights blink on dashboards, projects stall, and the new hire with the flawless resume misses the mark before week two reveals the gap between performance theater and real work. The manager rereads the portfolio and wonders how the interview panel missed the warning signs, while the team quietly picks up the slack

Choose the Best E-Commerce Analytics Tools for 2026
April 28, 2026

Headline: Signals to Strategy—How Unified Analytics, Behavior Insight, and Discovery Engines Realign Retail Growth The Setup: Why Analytics Choices Decide Growth Now Budgets are sprinting ahead of confidence as acquisition costs climb, margins compress, and shoppers glide between marketplaces and storefronts faster than teams can reconcile the numbers that explain why performance shifted and where money should move next. The

Can One QR Code Connect Central Asia to Global Payments?
April 28, 2026

Lead A single black-and-white square at a market stall in Almaty now hints at a borderless checkout, where a traveler’s scan can settle tabs from Silk Road bazaars to Shanghai boutiques without a second thought.Street vendors wave customers forward, hotel clerks lean on speed, and tourists expect the same tap-and-go ease they know at home—only now the bridge runs through

AI Detection in 2026: Tools, Metrics, and Human Checks
April 28, 2026

Introduction Seemingly flawless emails, essays, and research reports glide across desks polished to a mirror sheen by unseen algorithms that stitch sources, tidy syntax, and mimic cadence so persuasively that even confident readers second-guess their instincts and reach for proof beyond gut feeling. That uncertainty is not a mere curiosity; it touches grading standards, editorial due diligence, grant fairness, and