Lazarus Group targets fintech with new macOS malware

North Korea's Lazarus Group has launched a sophisticated new macOS-focused cyberattack campaign named 'Mach-O Man,' targeting executives in fintech and cryptocurrency sectors. The group employs a social engineering tactic called ClickFix, luring victims into fake online meetings where they are tricked into pasting malicious commands into their Mac terminals. This grants attackers access to sensitive corporate and financial systems. The malware is modular, self-erasing, and difficult to detect, making it a significant threat. Security experts emphasize that Lazarus Group's increased activity and state-directed operations pose a substantial, well-funded risk to the financial industry.