BlueNoroff, a North Korean threat actor, has been attacking crypto firms with a new multistage malware for macOS systems.
According to the researchers, the campaign is known as Hidden Risk, and it lures victims with emails that include fake data on the current activities in the cryptocurrency market.
The malware employed in these attacks relies on a novel persistence method on macOS that does not generate any alerts on the most recent versions of the operating system, allowing it to bypass detection.
BlueNoroff is known for cryptocurrency theft and has previously targeted macOS with a malware payload called ‘ObjCShellz’ that opens remote shells on affected Macs.
Infection chain
The attacks begin with a phishing email containing crypt
[…]
Content was cut in order to protect the source. Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents