New macOS Malware TodoSwift Linked to North Korean Hacking Groups

August 21, 2024 at 07:33AM Cybersecurity researchers recently discovered a new macOS malware, TodoSwift, with similarities to known malicious software linked to North Korean hacking groups. It exhibits behaviors seen in previous DPRK malware, such as RustBucket and KANDYKORN, and is associated with the Lazarus Group’s attempts to target cryptocurrency businesses. TodoSwift is distributed as …

New Banshee Stealer macOS Malware Priced at $3,000 Per Month

August 16, 2024 at 07:45AM Cybercriminals are promoting Banshee Stealer, a new macOS malware capable of stealing various data from compromised systems. Advertised for $3,000/month, it targets macOS passwords, hardware/software info, keychain passwords, browser data, and cryptocurrency wallets. While it evades detection by checking for analysis signs, its evasion methods are basic, leaving it susceptible …

‘Vortax’ Meeting Software Builds Elaborate Branding, Spreads Infostealers

June 20, 2024 at 12:01PM A widespread campaign is targeting cryptocurrency users through fake virtual meeting software, Vortax, delivering infostealing malware such as Rhadamanthys, Stealc, and Atomic. The threat actor “Markopolo” is linked to this campaign, posing as a legitimate software company but actually engaging in credential harvesting. This campaign highlights an increased focus on …

Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware

March 30, 2024 at 03:45AM Malicious ads and bogus websites are enabling the delivery of two different stealer malware targeting Apple macOS users. These attacks aim to steal sensitive data, with one attack leveraging counterfeit websites and the other exploiting a phony software offer. The development indicates an increasing threat to macOS environments from stealer …

RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers

February 16, 2024 at 09:45AM Cryptocurrency companies are targeted by a new Apple macOS backdoor called RustDoor, distributed as a Visual Studio update and used in targeted attacks. Its components include first-stage downloaders masquerading as job offering PDFs, Golang-based binaries, and a leaky endpoint revealing infected victims’ details. Meanwhile, a South Korean IT organization affiliated with …

Alert: New Stealthy “RustDoor” Backdoor Targeting Apple macOS Devices

February 10, 2024 at 02:21AM A new Rust-based macOS backdoor, codenamed RustDoor, has been targeting users since November 2023. It masquerades as an update for Microsoft Visual Studio, affecting both Intel and Arm architectures. The malware is capable of gathering and exfiltrating information to a command-and-control server, with links to prominent ransomware families. The U.S. …

MacOS Targeted by New Backdoor Linked to ALPHV Ransomware

February 9, 2024 at 04:55PM Researchers at Bitdefender have uncovered a new macOS backdoor, Trojan.MAC.RustDoor, linked to the BlackCat/ALPHV ransomware family known for targeting Windows. Written in the Rust programming language, the malware masquerades as a Visual Studio code editor update. It has been active for at least three months, gathering and sending data to a …

New RustDoor macOS malware impersonates Visual Studio update

February 9, 2024 at 11:00AM A new Rust-based macOS malware, known as RustDoor, has been spreading as a Visual Studio update, providing backdoor access to compromised systems. Linked to the ALPHV/BlackCat ransomware gang’s infrastructure, it communicates with command and control servers potentially associated with ransomware operations. The malware has advanced capabilities and is distributed under …

MacOS Malware Targets Bitcoin, Exodus Cryptowallets

January 23, 2024 at 04:11PM Fresh malware targeting Apple users in the US and Germany is infecting Bitcoin and Exodus cryptowallet applications through pirated software. Kaspersky researchers state that the malware can replace these applications with infected versions to steal recovery phrases and passwords, allowing attackers to control victims’ digital wallets. They advise against downloading …

MacOS info-stealers quickly evolve to evade XProtect detection

January 16, 2024 at 04:34PM The macOS platform faces persistent challenges with information stealers evading detection, as highlighted in a report by SentinelOne that presents three malware examples circumventing XProtect. KeySteal, Atomic Stealer, and CherryPie showcase the ability of malware to evolve and avoid detection, emphasizing the need for advanced security measures beyond static detection. …