This week we are joined by Phil Stokes, threat researcher at SentinelOne's SentinelLabs, discussing their work on "macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed." Apple recently pushed an update to its XProtect tool, blocking several variants of the DPRK-linked Ferret malware family, which targets victims through the "Contagious Interview" campaign.
The malware uses fake job interview processes to trick users into installing malicious software, and new variants, including FlexibleFerret, remain undetected by XProtect. SentinelOne's research takes a deeper look at this malware family, which uses social engineering to expand its attack vectors, including targeting developers through platforms like GitHub.
The research can be found here:
macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed
Caught in the contagious interview. [Research Saturday] | CyberWire Daily podcast