DPRK Hackers Tweak Malware to Lure MacOS Users into Video Calls

Well known for targeting victims with fake job postings, North Korea state-sponsored hackers have been discovered using a new variant of their BeaverTail malware to trick macOS users into downloading a malicious version of Microtalk, a video-calling service.

Details about the latest campaign were published by cybersecurity researcher Patrick Wardle, who explained in his writeup that the threat actors likely lured their victims into downloading the updated BeaverTail-infected version of Microtalk by asking them to join a job interview.

"Yes, even the cloned site states that you can 'start your next video call with a single click. No download … is required,' but I guess, who reads the fine print?" Wardle wrote.

In addition to stealing data from the victim's device, BeaverTail also executes additional payloads, including InvisibleFerret, the report added.

"The North Korean hackers are a wily bunch and are quite adept at hacking macOS targets, even though their technique[s] often rely on social engineering (and thus from a technical point of view are rather unimpressive)," Wardle said.