A new malware has been found in the wild, posing as an installer in macOS computers.
SentinelLabs recently identified a new malware coming from North Korea, dubbed ‘FlexibleFerret’. It’s part of a larger campaign, ‘Contagious Interview’, where the modus is that the attackers trick users into thinking they’re applying for a job and installing malicious software that they say are Zoom installers and Chrome updates. It’s worth noting that the malware seems to be state-backed as it has extensive data exfiltration and persistent mechanisms.
Mac computers with XProtect should be able to counter these threats through signature updates. XProtect runs in the background and doesn’t require manual scanning- it’s a system-level process that automatically detects and removes threats on macOS systems. However, Mac users should be cautious and only download apps and software from official sources. Awareness is the key to preventing unwanted malware from getting to a computer.
