February 16, 2024 at 09:45AM
Cryptocurrency companies are being targeted by a new Apple macOS backdoor called RustDoor, which is distributed as a Visual Studio update and used in targeted attacks. Its components include first-stage downloaders masquerading as job-offering PDFs, Golang-based binaries, and a leaky endpoint revealing infected victims’ details. Meanwhile, a South Korean IT organization affiliated with North Korea’s Workers’ Party is generating illicit revenue through malware-laced gambling websites.
The meeting notes discuss a recent cybersecurity threat targeting cryptocurrency companies using a newly discovered Apple macOS backdoor called RustDoor. The malware was distributed as a Visual Studio update and used in targeted attacks. The attackers used various techniques to deploy the malware, such as disguising it as job offerings in the form of PDF files. The notes also give details of a new attack chain involving ZIP archives and Golang-based binaries, along with insights into the command-and-control infrastructure used by the attackers.
Furthermore, the notes mention that an IT organization affiliated with the Workers’ Party of North Korea’s Office No. 39 is involved in generating illicit revenue by selling malware-laced gambling websites to cybercriminals.
Overall, the meeting notes highlight the sophistication and evolving nature of cybersecurity threats, as well as the need for heightened vigilance and security measures within the cryptocurrency sector.