N. Korean Hackers ‘Mixing’ macOS Malware Tactics to Evade Detection

November 28, 2023 at 12:06AM The Lazarus Group, a North Korean threat actor, has been observed combining elements from two separate macOS malware strains, RustBucket and KANDYKORN. They are using RustBucket droppers to deliver the KANDYKORN malware. Another macOS-specific malware called ObjCShellz has also been linked to the RustBucket campaign by cybersecurity firm SentinelOne. This …

BlueNoroff hackers backdoor Macs with new ObjCShellz malware

November 7, 2023 at 03:36PM The BlueNoroff threat group, backed by North Korea, has targeted Apple customers with new macOS malware called ObjCShellz. This malware allows the group to open remote shells on compromised devices. BlueNoroff is known for financially motivated attacks on cryptocurrency exchanges and financial organizations worldwide. The malware communicates with a domain …

Fresh find shines new light on North Korea’s latest macOS malware

November 7, 2023 at 09:48AM North Korean state-sponsored hackers have been observed using a new macOS malware called “ObjCShellz” as part of the RustBucket campaign targeting financial organizations. The malware, attributed to the BlueNoroff group, is written in Objective-C and gives attackers remote shell capabilities. The campaign uses social engineering and disguises itself as a …

N. Korean BlueNoroff Blamed for Hacking macOS Machines with ObjCShellz Malware

November 7, 2023 at 09:24AM The BlueNoroff nation-state group, which has connections to North Korea, is behind a newly discovered macOS malware called ObjCShellz. It is used as part of the RustBucket malware campaign and is suspected to be delivered through social engineering. BlueNoroff is a sub-group of the Lazarus Group, known for financial crimes …