North Korean Hackers ‘Mixing’ macOS Malware Tactics to Evade Detection

Threat actors from North Korea have been observed “mixing and matching” components of two distinct attack chains, using RustBucket droppers to deliver KANDYKORN, one of the macOS malware strains they are responsible for.

The research was conducted by cybersecurity firm SentinelOne, which also connected the RustBucket campaign to a third macOS-specific malware known as ObjCShellz.

RustBucket is the name of an activity cluster associated with the Lazarus Group, wherein, upon viewing a specially crafted lure document, a backdoored version of a PDF reader app called SwiftLoader …
