Cybercriminals abusing popular scheduling tool Calendly to infect Macs with malware — be on your guard for suspicious links and invites

Social engineering can sometimes catch you off-guard

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Hackers are using complex social engineering campaigns and calendar invites to distribute Macmalware.

The hackers are abusing calendar scheduling toolCalendlyto distribute meeting invites as part of their attempts to fool thebest Mac antivirus.

The narrative behind this campaign is far more complex than the usual email spam you might be used to, so here is how they did it, and how to keep yourself safe if you get targeted.

Shady investments

Disclosed by a reader ofKrebs On Security, the campaign saw hackers go after cryptocurrency by posing as investors looking for their next startup to provide with funding. In this case, the victim was originally contacted via Telegram looking for an investment opportunity.

The scammer wanted to organize a meeting to discuss the potential investment options, and so the victims sent over their Calendly details in order to organize a video call. The fateful day approached, but nothing happened when the victim attempted to open the meeting link. Low and behold, the scammers’ ‘IT team’ fixed the issue by sending out a new meeting link.

Alas, the second link opened up a technical error message instead of the meeting, with a message displaying that there was an error with the video service. Luckily the message had a handy little script that could fix the issue and allow the victim to finally get some facetime with the potential investors.

Rather than being graced with the face of the generous benefactor, the script installed a trojan with the ability to steal sensitive information from the victims Mac device. The victim, realizing the error of their ways, then changed their passwords and installed a fresh version of macOS.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

While this was a good choice on the victims part, it unfortunately means that there is no evidence to suggest exactly what strain of malware was used.

In order to keep your device safe, always have a healthy amount of suspicion when receiving and clicking on any links sent from a stranger, and be sure to keep your device up to date with the latest updates, or take a look at some of thebest firewallsto keep your device secure.

ViaTomsGuide

More from TechRadar Pro

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division),  then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.

Google puts Nvidia on high alert as it showcases Trillium, its rival AI chip, while promising to bring H200 Tensor Core GPUs within days

A new form of macOS malware is being used by devious North Korean hackers

Trying to get the AMD Ryzen 7 9800X3D CPU? It seems only scalpers have it and they’re jacking up the price