In a desperate bid to stay relevant in 2020's geopolitical upheaval, N. Korea upgrades its Apple Jeus macOS malware

Malware hunters are sounding the alarm over a new, more effective version of the North Korean "Apple Jeus" macOS software nasty.
"To attack macOS users, the Lazarus group has developed homemade macOS malware, and added an authentication mechanism to deliver the next stage payload very carefully, as well as loading the next-stage payload without touching the disk."
The malware uses GitHub to host malicious applications, and its writers have shifted to using Objective-C instead of the Qt framework for the attack code.
The macOS infection has been spotted operating under the names JMTTrading and UnionCryptoTrader, and in addition to proliferating on a number of cryptocoin exchanges, the malware has been spotted in the wild on machines in the UK, Poland, Russia, and China.
"The binary infection procedure in the Windows system differed from the previous case. They also changed the final Windows payload significantly from the well-known Fallchill malware used in the previous attack," the researchers noted.
News URL
https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/01/08/applejeus_malware_returns/