• Microsoft experts warn North Korean attackers target macOS users

    From TechnologyDaily@1337:1/100 to All on Friday, April 17, 2026 14:15:24
    Microsoft experts warn North Korean attackers target macOS users with 'a highly reliable infection chain' to steal passwords, financial data and more - here's how to stay safe

    Date:
    Fri, 17 Apr 2026 13:10:00 +0000

    Description:
    A Lazarus spinoff is stirring trouble among companies, stealing crypto
    through fake jobs, Microsoft warns.

    FULL STORY ======================================================================
    - Microsoft warns North Korean Sapphire Sleet (APT38) targeting Western businesses with fake job scams
    - Malicious Zoom lookalike drops infostealers to steal cryptocurrency
    - Campaign focuses on macOS users; Apple pushed automatic protections to block attacks

    North Korean state-sponsored threat actors called Sapphire Sleet are targeting businesses in the West with infostealer malware in an attempt to nab their cryptocurrencies, experts have warned.

    Security analysts from Microsoft said the group, also known as APT38 and most likely a spinoff from the infamous Lazarus Group, has been at it since at least 2020, and has employed one of the most successful techniques in its arsenal - fake jobs. Sapphire Sleet would create a whole slew of fake, nonexistent things on social media: companies, recruiters, job ads, and anything else needed to make the scam look like a legitimate hiring attempt. The victims are then approached, either via email or different social media channels, and offered the job (with enticing compensation offers).

    Attacking humans

    During the process, however, the recruiters would ask the victim to join a Zoom video call, but the software used is not the real Zoom - instead, it is a fake, malicious version, designed to drop an infostealer on the device.

    Speaking about the report, Sherrod DeGrippo, Microsoft global threat intelligence GM, told The Register why crooks focus on attacking the human, rather than the system: "Social engineering lets attackers route around hardened perimeters by convincing users to act on their behalf, turning a human into the vulnerability. It's low-cost, hard to patch, and scales well," DeGrippo explained.

    "Users are conditioned to accept remote support interactions like downloading tools, following instructions, clicking prompts," she added. "Attackers exploit this familiarity to make malicious actions feel routine, lowering victim skepticism at the critical moment of compromise."

    The campaign targets macOS users, it was said. Microsoft reached out to Apple, who added platform-level protections to help detect and block the malware and the infrastructure it uses. The updates were sent out automatically, meaning users need not update manually.




    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/microsoft-experts-warn-north-korean-attackers-target-macos-users-with-a-highly-reliable-infection-chain-to-steal-passwords-financial-data-and-more-heres-how-to-stay-safe


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)