Date: 2025-02-03
SentinelLabs has revealed research into variants of FERRET, the DPRK-linked macOS malware. These new variants, labelled “FlexibleFerret,” currently remain undetected by Apple’s XProtect.
Here are the highlights from the research:
- The FERRET malware is part of the North Korean Contagious Interview campaign, in which threat actors lure targets to install malware through the job interview process.
- Last week Apple pushed a signature update to its on-device malware tool XProtect to block several variants of what it called the macOS FERRET family. Despite that, these newly uncovered variants remain undetected by XProtect.
- Indicators present in the FERRET family of malware overlap with indicators seen in other DPRK campaigns, including the BlueNoroff Hidden Risk Threat Actor.
Article provided with permission from AppleWorld.Today