News Summary

• While BeaverTail was an existing JavaScript info stealer discovered in 2023, it now appears to have been reworked to target Mac users with a malicious disk image titled “MicroTalk.dmg.”Security researcher and author Patrick Wardle analyzed the malware in a fairly comprehensive and hilariously titled blog post on Objective-See.
• It was also found to quietly install the remote desktop application AnyDesk and keylogging software in the background to take over machines and collect keystrokes.The malware, a new variant of a known strain dubbed “BeaverTail,” was first reported by MalwareHunterTeam via a post on X.
• If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck.FTC: We use income earning auto affiliate links.
• Every week,Arin Waichulis delivers insights on data privacy, uncovers vulnerabilities, and sheds light on emerging threats within Apple’s vast ecosystem of over 2 billion active devices.This wouldn’t be the first report of North Korean hackers posed as job recruiters to target victims.
• Once infected, the malware would establish a connection between the Mac and the attacker’s command and control (C2) server to exfiltrate sensitive data like iCloud Keychain credentials.
• Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple.Security researchers have identified an attempt by state-sponsored hackers from North Korea (DPRK) to target Mac users with infostealer malware through a trojanized meeting app.