1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Cybercriminals abusing popular scheduling tool Calendly to infect

    From TechnologyDaily@1337:1/100 to All on Fri Mar 1 18:15:06 2024
    Cybercriminals abusing popular scheduling tool Calendly to infect Macs with malware be on your guard for suspicious links and invites

    Date:
    Fri, 01 Mar 2024 18:11:14 +0000

    Description:
    Beware of suspicious links and invites, because it may just steal everything on your device

    FULL STORY ======================================================================

    Hackers are using complex social engineering campaigns and calendar invites
    to distribute Mac malware .

    The hackers are abusing calendar scheduling tool Calendly to distribute meeting invites as part of their attempts to fool the best Mac antivirus .

    The narrative behind this campaign is far more complex than the usual email spam you might be used to, so here is how they did it, and how to keep yourself safe if you get targeted. Shady investments

    Disclosed by a reader of Krebs On Security , the campaign saw hackers go
    after cryptocurrency by posing as investors looking for their next startup to provide with funding. In this case, the victim was originally contacted via Telegram looking for an investment opportunity.

    The scammer wanted to organize a meeting to discuss the potential investment options, and so the victims sent over their Calendly details in order to organize a video call. The fateful day approached, but nothing happened when the victim attempted to open the meeting link. Low and behold, the scammers
    IT team fixed the issue by sending out a new meeting link.

    Alas, the second link opened up a technical error message instead of the meeting, with a message displaying that there was an error with the video service. Luckily the message had a handy little script that could fix the issue and allow the victim to finally get some facetime with the potential investors.

    Rather than being graced with the face of the generous benefactor, the script installed a trojan with the ability to steal sensitive information from the victims Mac device. The victim, realizing the error of their ways, then changed their passwords and installed a fresh version of macOS.

    While this was a good choice on the victims part, it unfortunately means that there is no evidence to suggest exactly what strain of malware was used.

    In order to keep your device safe, always have a healthy amount of suspicion when receiving and clicking on any links sent from a stranger, and be sure to keep your device up to date with the latest updates, or take a look at some
    of the best firewalls to keep your device secure.

    Via TomsGuide More from TechRadar Pro Forget ransomware and phishing attacks CTOs rate human error as their number one security risk Take a look at our guide to the best productivity tools around Keep your details safe with the best password manager




    ======================================================================
    Link to news story: https://www.techradar.com/pro/cybercriminals-abusing-popular-scheduling-tool-c alendly-to-infect-macs-with-malware-be-on-your-guard-for-suspicious-links-and- invites


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)