HN notes that the Singapore-based company Group-IB identified this attack in August 2024. It targets both Windows and macOS systems. The hackers trick job seekers by pretending to offer fake job interviews, leading them to download malware disguised as a technical task. The malware, called BeaverTail, allows the hackers to take control of the victim’s computer and steal data. BeaverTail malware has evolved over time. Initially, it was spread through fake technical assessments using JavaScript code, but now it also spreads through Windows and macOS installers that appear legitimate, reports HN. These installers, imitating popular video conferencing software, infect computers with an updated version of BeaverTail. HN reports that the campaign, linked to the notorious Lazarus Group, continues to target job seekers through platforms like LinkedIn and Upwork. After initial contact, hackers direct victims to download malicious software through messaging apps like Telegram. In addition to stealing personal information, the malware targets cryptocurrency wallets and browser data. The attack is ongoing, with hackers constantly refining their techniques. Recently, the FBI warned that North Korean cyber criminals are aggressively targeting the cryptocurrency industry using social engineering attacks to steal digital assets, as reported by HN.
