1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • A new macOS backdoor could let hackers hijack your device without

    From TechnologyDaily@1337:1/100 to All on Mon Jan 8 17:45:05 2024
    A new macOS backdoor could let hackers hijack your device without you knowing

    Date:
    Mon, 08 Jan 2024 17:39:03 +0000

    Description:
    North Koreans are going after crypto once again, and this time they're targeting Apple devices

    FULL STORY ======================================================================

    A new malware variant has been uncovered targeting Apples macOS devices, experts have warned.

    A report from Greg Lesnewich, Senior Threat Researcher at Proofpoint, who described the malware in more detail in a technical writeup here , notes the malware is called SpectralBlur, and is a moderately capable piece of code. It can upload, download, or delete files, run shell commands, and sleep and hibernate, he further explained.

    Apparently, it was designed and is being distributed by a sub-group of Lazarus, an infamous North Korean state-sponsored threat actor. Going after cryptocurrencies

    Lesnewich made the connection via KANDYKORN (AKA SockRacket), a different piece of malware that was previously identified to belong to BlueNoroff. This group, also tracked by some researchers as TA444, is known to be a department of Lazarus.KANDYKORN is described as a remote access trojan used to take over a compromised endpoint.

    The findings led the researcher to conclude that the North Koreans are
    ramping up their attacks against macOS devices, in order to compromise high-value targets. Theyre mostly interested in devices belonging to people
    in the cryptocurrency and blockchain industry.

    "TA444 keeps running fast and furious with these new macOS malware families," Lesnewich said.

    Lazarus is known for targeting crypto businesses, mostly so-called bridge projects. Each cryptocurrency has its own blockchain, and in order for multiple blockchains to interact, developers started building bridges. These bridges, although usually audited by third-party security companies and independent code reviewers, often get released with serious flaws, which
    allow threat actors to siphon out eye-watering amounts of money.

    For example, on March 29th, 2022, it was announced that Lazarus Group successfully exploited a flaw in the Ronin Network and stole 173,600 Ether (ETH) and 25.5 million USD Coins from the Ronin cross-chain bridge. The total value of the stolen assets at the time was roughly $600 million, which made
    it the second-largest crypto heist of all time, just behind the 2021 Poly Network attack.

    Via TheHackerNews More from TechRadar Pro FBI - North Korean Lazarus hackers could be about to cash in millions of stolen Bitcoin Here's a list of the
    best firewalls today These are the best endpoint protection services right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/a-new-macos-backdoor-could-let-hackers- hijack-your-device-without-you-knowing


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)