macOS Archives - Cyber Security Minute

Breach Roundup: North Korean Hackers Target macOS Users

Issued by: DataBreach Today

North Korean Hackers Target macOS Users North Korean state-sponsored hackers are targeting macOS users with a new variant of their BeaverTail malware, spreading it through a malicious version of the video-calling service Microtalk. Cybersecurity researcher Patrick Wardle revealed that the attackers trick victims into downloading the infected software by posing as recruiters offering job interviews….

Malware & Threats

‘Vortax’ Meeting Software Builds Elaborate Branding, Spreads Infostealers

Issued by: Dark Reading

A widespread campaign aimed at stealing cryptocurrency is spreading a wave of infostealers through fake virtual meeting software for both macOS and Windows platforms, particularly targeting the former with the dangerous Atomic stealer. Discovered by Recorded Future’s Insikt Group, the campaign attributed to a threat actor dubbed “Markopolo” is responsible for an elaborate Web and…

Malware & Threats

Zero-Click Apple Shortcuts Vulnerability Allows Silent Data Theft

Issued by: Dark Reading

A dangerous vulnerability in Apple Shortcuts has surfaced, which could give attackers access to sensitive data across the device without the user being asked to grant permissions. Apple’s Shortcuts application, designed for macOS and iOS, is aimed at automating tasks. For businesses, it allows users to create macros for executing specific tasks on their devices,…

Malware & Threats

MacOS Targeted by New Backdoor Linked to ALPHV Ransomware

Issued by: Dark Reading

Researchers have discovered a new backdoor targeting macOS that appears to have ties to an infamous ransomware family that historically targets Windows systems. Researchers at Bitdefender say the so-called Trojan.MAC.RustDoor is likely linked to BlackCat/ALPHV. The newly discovered backdoor is written in Rust coding language and impersonates an update for Visual Studio code editor. Bitdefender…

Malware & Threats

MacOS Malware Targets Bitcoin, Exodus Cryptowallets

Issued by: Dark Reading

Fresh malware targeting Apple users in the US and Germany is infecting Bitcoin and Exodus cryptowallet applications with a Trojan distributed through pirated software, according to Kaspersky researchers. The malware is delivered via cracked applications and can replace Exodus and Bitcoin cryptowallet applications installed on the user’s machine with infected versions that steal secret recovery…

Malware & Threats

North Korea Debuts ‘SpectralBlur’ Malware Amid macOS Onslaught

Issued by: Dark Reading

The prolific North Korean state-backed threat actor known as TA444 is back with shiny new malware for targeting macOS users, dubbed “SpectralBlur.” The custom tool is the latest in a string of proprietary malware that the advanced persistent threat (APT) group has been consistently generating — a trait that sets it apart from other DPRK-sponsored…

Malware & Threats

Expert warns of Turtle macOS ransomware

Issued by: Security Affairs

The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. Wardle pointed out that since Turtle was uploaded on Virus Total, it was labeled as malicious by 24 anti-malware solutions, suggesting it is not a sophisticated threat. However, the malicious code was generally detected as “Other:Malware-gen”, “Trojan.Generic”, or…

Malware & Threats

North Korea’s BlueNoroff APT Debuts ‘Dumbed Down’ macOS Malware

Issued by: Dark Reading

North Korean state hackers have debuted a fresh Mac malware targeting users in the US and Japan, which researchers characterize as “dumbed down” but effective. An arm of the DPRK’s notorious Lazarus Group, BlueNoroff has been known to raise money for the Kim regime by targeting financial institutions — banks, venture capital firms, cryptocurrency exchanges…

Software Security

‘KandyKorn’ macOS Malware Lures Crypto Engineers

Issued by: Dark Reading

The infamous North Korean advanced persistent threat (APT) group Lazarus has developed a form of macOS malware called “KandyKorn,” which it is using to target blockchain engineers connected to cryptocurrency exchanges. According to a report from Elastic Security Labs, KandyKorn has a full-featured set of capabilities to detect, access, and steal any data from the…

Malware & Threats

Thousands of Systems Turned Into Proxy Exit Nodes via Malware

Issued by: SecurityWeek

To date, AT&T Alien Labs researchers have identified over 400,000 systems that act as proxy exit nodes in this network. However, it is unclear how many of these were infected, and the company that offers the proxy service claims that all devices pertain to users who are aware of the proxy application’s functionality. Last week,…