This PDF malware attacks Apple Mac users! DON’T fall for it; know what experts say

tech.hindustantimes.com:

Cybersecurity researchers have discovered a new phishing attack that deploys dangerous malware to macOS devices. So far, this malware was limited to the Windows platform, but in the latest development, security researchers at cybersecurity company ESET found that North Korean hackers from the Lazarus group have been using a malicious file for macOS to lure the employees into the financial technology sector.

In the past, the hackers of the Lazarus group have used several tactics to create fake job offers, and recently, they used a PDF file loaded with malware propagated with details about a hiring position at Coinbase. The fake document named “Coinbase_online_careers_2022_07” was generated to bring the attention of job seekers and loaded a malicious DLL on the device. It ultimately allows the hackers to take control of the infected device. ESET, the cybersecurity company has also found that malware is ready to infect the macOS systems.

“A signed Mac executable disguised as a job description for Coinbase was uploaded to VirusTotal from Brazil. This is an instance of Operation In(ter)ception by #Lazarus for Mac,” the cybersecurity researchers informed via tweet. They further informed that the malicious PDF file is compiled for Macs with both Intel and Apple silicon. This means your Mac device is under threat whether you have a newer model or an old model of the Mac.

Once the malware is transported to your device, it drops three files on your system, namely: the bundle FinderFontsUpdater.app, the downloader safarifontagent, and a decoy PDF called “Coinbase_online_careers_2022_07” PDF. The researchers noticed that the fake malicious document file was signed on July 21.

However, this is not the first time that the group of Lazarus