16 matches found
North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS
A threat actor with ties to the Democratic People's Republic of Korea DPRK has been observed targeting cryptocurrency-related businesses with a multi-stage malware capable of infecting Apple macOS devices. Cybersecurity company SentinelOne, which dubbed the campaign Hidden Risk , attributed it wi...
North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams
Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to target developers as part of a fake job recruiting operation. These attacks employ coding tests as a common initial infection vector, Google-owned Mandiant said in a new report about threats faced by the...
New macOS Malware TodoSwift Linked to North Korean Hacking Groups
Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software used by North Korean hacking groups. "This application shares several behaviors with malware we've seen that originated in North Korea DPRK —...
North Korean Hackers Target Crypto Users with RustBucket and KandyKorn
Summary: North Korean-aligned threat actors are targeting macOS users with two malware frameworks, RustBucket and KandyKorn, in an attempt to steal cryptocurrency. Threat Level - Amber | Attack Report For a detailed threat advisory, download the pdf file here To receive real-time threat advisorie...
N. Korean Hackers 'Mixing' macOS Malware Tactics to Evade Detection
The North Korean threat actors behind macOS malware strains such as RustBucket and KANDYKORN have been observed "mixing and matching" different elements of the two disparate attack chains, leveraging RustBucket droppers to deliver KANDYKORN. The findings come from cybersecurity firm SentinelOne,...
Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers
A sub-cluster within the infamous Lazarus Group has established new infrastructure that impersonates skills assessment portals as part of its social engineering campaigns. Microsoft attributed the activity to a threat actor it calls Sapphire Sleet, describing it as a "shift in the persistent...
BlueNoroff Unleashes New macOS Malware ObjCShellz
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new macOS malware variant linked to the financially motivated BlueNoroff APT group, named "ObjCShellz,“ featuring remote shell capabilities and suspicious domain communication. The malware, written in...
N. Korea's BlueNoroff Blamed for Hacking macOS Machines with ObjCShellz Malware
The North Korea-linked nation-state group called BlueNoroff has been attributed to a previously undocumented macOS malware strain dubbed ObjCShellz. Jamf Threat Labs, which disclosed details of the malware, said it's used as part of the RustBucket malware campaign, which came to light earlier thi...
Attacks, Vulnerabilities and Actors 3 July to 9 July 2023
For a detailed threat digest, download the pdf file here Summary HiveForceLabs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of eight attacks executed, a zero-day vulnerability in the WordPress Plugin, and thre...
New Variant of RUSTBUCKET Malware Targeting Cryptocurrency Providers
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary RUSTBUCKET malware family is actively developing, adding persistence capabilities, while the REF9135 operation by the DPRK targets cryptocurrency service providers. To receive real-time threat advisories...
Beware: New 'RustBucket' Malware Variant Targeting macOS Users
Researchers have pulled back the curtain on an updated version of an Apple macOS malware called RustBucket that comes with improved capabilities to establish persistence and avoid detection by security software. "This variant of RustBucket, a malware family that targets macOS systems, adds...
Beware: New 'RustBucket' Malware Variant Targeting macOS Users
Researchers have pulled back the curtain on an updated version of an Apple macOS malware called RustBucket that comes with improved capabilities to establish persistence and avoid detection by security software. "This variant of RustBucket, a malware family that targets macOS systems, adds...
Actors, Threats and Vulnerabilities 24 to 30 April 2023
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, they identified a total of eight attacks that were executed. These attacks were taking advantage of three different...
New macOS malware RustBucket attributed to North Korean group BlueNoroff
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary RustBucket, attributed to BlueNoroff, is split into two stages, with the second stage application appearing as a legitimate PDF viewer but becoming malicious when a specific PDF is loaded. To receive...
Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware
A financially-motivated North Korean threat actor is suspected to be behind a new Apple macOS malware strain called RustBucket. "RustBucket communicates with command and control C2 servers to download and execute various payloads," Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley...
Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware
A financially-motivated North Korean threat actor is suspected to be behind a new Apple macOS malware strain called RustBucket. "RustBucket communicates with command and control C2 servers to download and execute various payloads," Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley...