Security News > 2020 > January > In a desperate bid to stay relevant in 2020's geopolitical upheaval, N. Korea upgrades its Apple Jeus macOS malware
Malware hunters are sounding the alarm over a new, more effective version of the North Korean "Apple Jeus" macOS software nasty.
"To attack macOS users, the Lazarus group has developed homemade macOS malware, and added an authentication mechanism to deliver the next stage payload very carefully, as well as loading the next-stage payload without touching the disk."
The malware uses GitHub to host malicious applications and its writers have shifted to using Object-C instead of QT framework for the attack code.
The macOS infection has been spotted operating under the names JMTTrading and UnionCryptoTrader, and in addition to proliferating on a number of cryptocoin exchanges, the malware has been spotted in the wild on machines in the UK, Poland, Russia, and China.
"The binary infection procedure in the Windows system differed from the previous case. They also changed the final Windows payload significantly from the well-known Fallchill malware used in the previous attack," the researchers noted.
News URL
https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/01/08/applejeus_malware_returns/
Related news
- New macOS Malware "Cthulhu Stealer" Targets Apple Users' Data (source)
- Apple’s New macOS Sequoia Tightens Gatekeeper Controls to Block Unauthorized Software (source)
- New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems (source)
- New macOS Malware TodoSwift Linked to North Korean Hacking Groups (source)
- Apple's latest macOS release is breaking security software, network connections (source)