b2b-daily
Search
Close this search box.
Search
Close this search box.
Home | IT | Cyber Security

North Korean Hackers Target Job Seekers and Developers with New MacOS Malware

Avatar photo
by Dwaine Evans
February 5, 2025
North Korean Hackers Target Job Seekers and Developers with New MacOS Malware

In a burgeoning wave of cyber threats, North Korean hackers have launched an insidious campaign targeting job seekers and developers, utilizing a sophisticated variant of the macOS Ferret malware family. This ominous campaign, dubbed “Contagious Interview,” has been traced to North Korean threat actors who deceitfully pose as job interviewers to trick victims into downloading malware onto their systems. The campaign’s malware arsenal includes several pernicious variants: FROSTYFERRET_UI, FRIENDLYFERRET_SECD, MULTI_FROSTYFERRET_CMDCODES, and BeaverTail, which deploys the nefarious Python backdoor known as InvisibleFerret. SentinelOne researchers recently unearthed another variant, FlexibleFerret, which first surfaced in November 2023, ingeniously circumventing Apple’s robust XProtect detection.

The Expanding Target Base

Initially targeting job seekers, this harmful campaign has now broadened its scope to ensnare developers. When the malware gains access to a victim’s system, it commences a series of malicious actions, starting with executing a shell script to install a persistence agent, thus ensuring it reactivates even after system reboots. The malware disguises itself as legitimate software updates, such as mimicking a Google Chrome update, allowing it to stealthily extract sensitive information from compromised devices, specifically aiming at web browsers and cryptocurrency wallets to harvest crucial data.

The progression of these malware strains highlights a broader trend in cybersecurity, where threat actors are constantly evolving their methods to outsmart advanced security protocols. The techniques employed in the FlexibleFerret variant emphasize this relentless pursuit of greater deceit and efficiency in evading detection. These developments serve as a stark reminder of the ongoing threats posed by state-sponsored cybercriminals, emphasizing the need for enhanced cybersecurity measures. By examining the technical details of these malware variants, the research underscores the crucial importance of vigilance and robust security practices amidst ever-evolving cyber threats.

Information Security

Explore more

Why Should Leaders Invest in Employee Career Growth?
September 15, 2025

In today’s fast-paced business landscape, a staggering statistic reveals the stakes of neglecting employee development: turnover costs the median S&P 500 company $480 million annually due to talent loss, underscoring a critical challenge for leaders. This immense financial burden highlights the urgent need to retain skilled individuals and maintain a competitive edge through strategic initiatives. Employee career growth, often overlooked

Making Time for Questions to Boost Workplace Curiosity
September 15, 2025

Introduction to Fostering Inquiry at Work Imagine a bustling office where deadlines loom large, meetings are packed with agendas, and every minute counts—yet no one dares to ask a clarifying question for fear of derailing the schedule. This scenario is all too common in modern workplaces, where the pressure to perform often overshadows the need for curiosity. Fostering an environment

Embedded Finance: From SaaS Promise to SME Practice
September 15, 2025

Imagine a small business owner managing daily operations through a single software platform, seamlessly handling not just inventory or customer relations but also payments, loans, and business accounts without ever stepping into a bank. This is the transformative vision of embedded finance, a trend that integrates financial services directly into vertical Software-as-a-Service (SaaS) platforms, turning them into indispensable tools for

DevOps Tools: Gateways to Major Cyberattacks Exposed
September 15, 2025

In the rapidly evolving digital ecosystem, DevOps tools have emerged as indispensable assets for organizations aiming to streamline software development and IT operations with unmatched efficiency, making them critical to modern business success. Platforms like GitHub, Jira, and Confluence enable seamless collaboration, allowing teams to manage code, track projects, and document workflows at an accelerated pace. However, this very integration

Trend Analysis: Agentic DevOps in Digital Transformation
September 15, 2025

In an era where digital transformation remains a critical yet elusive goal for countless enterprises, the frustration of stalled progress is palpable— over 70% of initiatives fail to meet expectations, costing billions annually in wasted resources and missed opportunities. This staggering reality underscores a persistent struggle to modernize IT infrastructure amid soaring costs and sluggish timelines. As companies grapple with