North Korean Hackers Employ Blended macOS Malware Tactics to Elude Detection

North Korean hackers associated with the Lazarus Group are combining different elements of their macOS malware campaigns, using RustBucket droppers to deliver the KANDYKORN malware. Cybersecurity firm SentinelOne has linked a third macOS-specific malware called ObjCShellz to the RustBucket campaign. The Lazarus Group is utilizing a backdoored version of a PDF reader app, SwiftLoader, to distribute KANDYKORN, demonstrating the evolving and collaborative nature of North Korean cyber threats. This tactic makes it challenging for defenders to track and attribute malicious activities. Additionally, a subgroup within Lazarus, Andariel, has been implicated in cyber attacks exploiting a security flaw in Apache ActiveMQ.
- N. Korean Hackers 'Mixing' macOS Malware Tactics to Evade Detection (The Hacker News)
- North Korean hackers combine malware to attack macOS (AppleInsider)
- macOS Malware Mix & Match: North Korean APTs Stir Up Fresh Attacks (Dark Reading)
- North Korean hackers mix code from proven malware campaigns to avoid detection (CSO Online)
- North Korean hackers target macOS with blended malware (Yahoo Finance)