BlueNoroff, the notorious North Korean hacker group responsible for a series of phishing and cybersecurity attacks since 2019, has developed new malware targeting macOS users.

According to a report by SentinelLabs, the malware operation, called “Hidden Risk,” spreads in multiple stages via PDF files. The hackers use fake news headlines and seemingly reliable cryptocurrency market research to trick users and cryptocurrency companies.

Users who download this malicious PDF file are initially shown a “trusted” PDF, while in the background the malware is downloaded to the macOS desktop as a separate file. The malware creates a backdoor on the computer, allowing the hackers to gain remote access. With this access, attackers can steal sensitive information such as private keys for cryptocurrency wallets and platforms.

FBI warns of North Korean hackers

In the US, the Federal Bureau of Investigation (FBI) has issued various warnings about North Korea-backed hacker groups such as BlueNoroff and Lazarus in recent years. In April 2022, the FBI and CISA stated that crypto companies should take precautions against the threats posed by these state-backed hacker groups.

Stay tuned.
