Fake LinkedIn jobs trick Mac users into downloading Flexible Ferret malware www.malwarebytes.com/blog/news…
Researchers have uncovered a new Mac-targeted attack that directs victims to a fraudulent job site and persuades them to install malware disguised as a software update.
Threat actors impersonate recruiters on LinkedIn and encourage targets to apply for a role. As part of the supposed application process, victims are asked to record a short video introduction and upload it to a dedicated website.
Once there, users are prompted to install a fake update for the FFmpeg media-processing tool. The download is actually a backdoor linked to the Contagious Interview campaign, which has previously been attributed to the Democratic People’s Republic of Korea (DPRK).
