Fake company pushes phony cryptocurrency app to spread Mac malware

It appears North Korean hackers have revisited a tried-and-true scheme to attack Mac owners who work at cryptocurrency exchanges: creating a fake company and corresponding cryptocurrency trading app that actually infects users with malware.


Researcher Patrick Wardle, creator of OS X security firm Objective-See, reported in a blog post late last week that malicious actors set up a website for a phony crypto firm called JMT Trading, with a link to a GitHub page where visitors could supposedly download a trading app. In reality, however, these users were downloading files laced with malware that was uncovered by researchers at MalwareHunterTeam on Oct. 11.


According to Wardle, the malware allows attackers to remotely execute commands and essentially gain control over Mac systems. At the time it was analyzed, it had zero VirusTotal detections.


The malware, which arrives in a fake installer file named JMTTrader.pkg, appears to ..
