Skip to main content

A new macOS backdoor could let hackers hijack your device without you knowing

posted onMarch 15, 2024
by l33tdawg
Flickr
Credit: Flickr

A new malware variant has been uncovered targeting Apple’s macOS devices, experts have warned.

A report from Greg Lesnewich, Senior Threat Researcher at Proofpoint, who described the malware in more detail in a technical writeup here, notes the malware is called SpectralBlur, and is a “moderately capable” piece of code. It can upload, download, or delete files, run shell commands, and sleep and hibernate, he further explained.

Apparently, it was designed and is being distributed by a sub-group of Lazarus, an infamous North Korean state-sponsored threat actor. Lesnewich made the connection via KANDYKORN (AKA SockRacket), a different piece of malware that was previously identified to belong to BlueNoroff. This group, also tracked by some researchers as TA444, is known to be a department of Lazarus. KANDYKORN is described as a remote access trojan used to take over a compromised endpoint.

Source

Tags

Apple Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th