Nation-state | Apr 24, 2026
North Korea's Lazarus Targets macOS Users via ClickFix
Lazarus Group targets macOS users via ClickFix for initial access and data theft.
Summary
North Korea's Lazarus Group is actively exploiting ClickFix, a fake tech support scam, to compromise macOS systems and steal data from high-value targets within Mac-centric organizations. The campaign demonstrates the group's expansion of initial-access tactics beyond Windows platforms to target Apple users. This represents a continued evolution of Lazarus's social engineering and credential harvesting capabilities.
Indicators of Compromise
- malware — ClickFix
Entities
- Lazarus Group (threat_actor)
- macOS (product)