Tag

macOS Malware

All articles tagged with #macos malware

RustDoor: New macOS Malware Linked to Ransomware Groups

Originally Published 1 year ago — by BleepingComputer

Source: BleepingComputer

A new Rust-based macOS malware, known as RustDoor, is being distributed as a fake Visual Studio update and provides backdoor access to compromised systems. The malware communicates with command-and-control servers linked to the ALPHV/BlackCat ransomware gang, potentially indicating a connection to ransomware operations. It is primarily distributed as an updater for Visual Studio for Mac and has gone undetected for at least three months. RustDoor can control compromised systems, exfiltrate data, and establish persistence by modifying system files; its commands include shell execution, file manipulation, and process termination.

North Korean Hackers Employ Blended macOS Malware Tactics to Elude Detection

Originally Published 2 years ago — by The Hacker News

Source: The Hacker News

North Korean hackers associated with the Lazarus Group are combining different elements of their macOS malware campaigns, using RustBucket droppers to deliver the KANDYKORN malware. Cybersecurity firm SentinelOne has linked a third macOS-specific malware called ObjCShellz to the RustBucket campaign. The Lazarus Group is utilizing a backdoored version of a PDF reader app, SwiftLoader, to distribute KANDYKORN, demonstrating the evolving and collaborative nature of North Korean cyber threats. This tactic makes it challenging for defenders to track and attribute malicious activities. Additionally, a subgroup within Lazarus, Andariel, has been implicated in cyber attacks exploiting a security flaw in Apache ActiveMQ.