b2b-daily
Search
Close this search box.
Search
Close this search box.
Home | IT | Cyber Security

North Korean Hackers Target Job Seekers and Developers with New MacOS Malware

Avatar photo
by Dwaine Evans
February 5, 2025
North Korean Hackers Target Job Seekers and Developers with New MacOS Malware

In a burgeoning wave of cyber threats, North Korean hackers have launched an insidious campaign targeting job seekers and developers, utilizing a sophisticated variant of the macOS Ferret malware family. This ominous campaign, dubbed “Contagious Interview,” has been traced to North Korean threat actors who deceitfully pose as job interviewers to trick victims into downloading malware onto their systems. The campaign’s malware arsenal includes several pernicious variants: FROSTYFERRET_UI, FRIENDLYFERRET_SECD, MULTI_FROSTYFERRET_CMDCODES, and BeaverTail, which deploys the nefarious Python backdoor known as InvisibleFerret. SentinelOne researchers recently unearthed another variant, FlexibleFerret, which first surfaced in November 2023, ingeniously circumventing Apple’s robust XProtect detection.

The Expanding Target Base

Initially targeting job seekers, this harmful campaign has now broadened its scope to ensnare developers. When the malware gains access to a victim’s system, it commences a series of malicious actions, starting with executing a shell script to install a persistence agent, thus ensuring it reactivates even after system reboots. The malware disguises itself as legitimate software updates, such as mimicking a Google Chrome update, allowing it to stealthily extract sensitive information from compromised devices, specifically aiming at web browsers and cryptocurrency wallets to harvest crucial data.

The progression of these malware strains highlights a broader trend in cybersecurity, where threat actors are constantly evolving their methods to outsmart advanced security protocols. The techniques employed in the FlexibleFerret variant emphasize this relentless pursuit of greater deceit and efficiency in evading detection. These developments serve as a stark reminder of the ongoing threats posed by state-sponsored cybercriminals, emphasizing the need for enhanced cybersecurity measures. By examining the technical details of these malware variants, the research underscores the crucial importance of vigilance and robust security practices amidst ever-evolving cyber threats.

Information Security

Explore more

Why Are Big Data Engineers Vital to the Digital Economy?
November 21, 2025

In a world where every click, swipe, and sensor reading generates a data point, businesses are drowning in an ocean of information—yet only a fraction can harness its power, and the stakes are incredibly high. Consider this staggering reality: companies can lose up to 20% of their annual revenue due to inefficient data practices, a financial hit that serves as

How Will AI and 5G Transform Africa’s Mobile Startups?
November 21, 2025

Imagine a continent where mobile technology isn’t just a convenience but the very backbone of economic growth, connecting millions to opportunities previously out of reach, and setting the stage for a transformative era. Africa, with its vibrant and rapidly expanding mobile economy, stands at the threshold of a technological revolution driven by the powerful synergy of artificial intelligence (AI) and

Saudi Arabia Cuts Foreign Worker Salary Premiums Under Vision 2030
November 21, 2025

What happens when a nation known for its generous pay packages for foreign talent suddenly tightens the purse strings? In Saudi Arabia, a seismic shift is underway as salary premiums for expatriate workers, once a hallmark of the kingdom’s appeal, are being slashed. This dramatic change, set to unfold in 2025, signals a new era of fiscal caution and strategic

DevSecOps Evolution: From Shift Left to Shift Smart
November 21, 2025

Introduction to DevSecOps Transformation In today’s fast-paced digital landscape, where software releases happen in hours rather than months, the integration of security into the software development lifecycle (SDLC) has become a cornerstone of organizational success, especially as cyber threats escalate and the demand for speed remains relentless. DevSecOps, the practice of embedding security practices throughout the development process, stands as

AI Agent Testing: Revolutionizing DevOps Reliability
November 21, 2025

In an era where software deployment cycles are shrinking to mere hours, the integration of AI agents into DevOps pipelines has emerged as a game-changer, promising unparalleled efficiency but also introducing complex challenges that must be addressed. Picture a critical production system crashing at midnight due to an AI agent’s unchecked token consumption, costing thousands in API overuse before anyone