Lazarus Group Deploys Sophisticated macOS Malware in Targeted Business Attacks
Lazarus Group has escalated its cyber warfare tactics with a meticulously crafted campaign targeting corporate employees through compromised communication channels. The operation leverages fake meeting invitations mimicking Zoom, Microsoft Teams, and Google Meet interfaces to infiltrate systems.
Victims receive seemingly legitimate Telegram messages from trusted contacts, which redirect them to spoofed websites. A terminal command prompt, disguised as a troubleshooting step, executes the Mach-O Man malware kit. This macOS-specific threat avoids traditional detection by exploiting human behavior rather than technical vulnerabilities.
The malware deploys in phases: initial execution triggers downloads of spoofed applications that phish credentials through repeated authentication prompts. Meanwhile, it systematically harvests system metadata and financial data. The attack vector underscores Lazarus Group's shift toward social engineering precision over brute-force exploits.