Charming Kitten – Not Charming!

There was a time when Mac users would happily tell Windows users that there were no viruses for Mac! At the time those Mac users were few and far between if you were not in the print and design world.

Now of course there are many potential victims using macOS and the threat actors know this – so there is Mac malware.

Charming Kitten hackers use new ‘NokNok’ malware for macOS (bleepingcomputer.com)

Charming Kitten APT group are behind the attack and have been linked, by Google, to the Iranian government and the Islamic Revolutionary Guard Corps (IRGC).

The malware, called NokNok, comes via a phishing email. If you check the article you can see the methods used to make the emails look all the more convincing. Probably due to Microsoft’s move to stop the spread of malware via Office document macros, the malicious payloads are downloaded via a .LNK file.

Your takeaway from this

You may not be a nuclear scientist (see the article) but you and your team need to know how modern phishing attacks will exploit your natural instinct to trust.

Clive Catton MSc (Cyber Security) – by-line and other articles