Security News > 2020 > January > In a desperate bid to stay relevant in 2020's geopolitical upheaval, N. Korea upgrades its Apple Jeus macOS malware

In a desperate bid to stay relevant in 2020's geopolitical upheaval, N. Korea upgrades its Apple Jeus macOS malware
2020-01-08 20:50

Malware hunters are sounding the alarm over a new, more effective version of the North Korean "Apple Jeus" macOS software nasty.

"To attack macOS users, the Lazarus group has developed homemade macOS malware, and added an authentication mechanism to deliver the next stage payload very carefully, as well as loading the next-stage payload without touching the disk."

The malware uses GitHub to host malicious applications and its writers have shifted to using Object-C instead of QT framework for the attack code.

The macOS infection has been spotted operating under the names JMTTrading and UnionCryptoTrader, and in addition to proliferating on a number of cryptocoin exchanges, the malware has been spotted in the wild on machines in the UK, Poland, Russia, and China.

"The binary infection procedure in the Windows system differed from the previous case. They also changed the final Windows payload significantly from the well-known Fallchill malware used in the previous attack," the researchers noted.


News URL

https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/01/08/applejeus_malware_returns/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349