MacOS Users Targeted By OceanLotus Backdoor

2020-11-30 17:52

The Vietnam-backed OceanLotus has been around since at least 2013, and previously launched targeted attacks against media, research and construction companies.

Older samples of the backdoor have targeted the same region before, according to researchers with Trend Micro.

"Some of the updates of this new variant include new behavior and domain names," said researchers Luis Magisa and Steven Du. "Threat groups such as OceanLotus are actively updating malware variants in attempts to evade detection and improve persistence."

Researchers said this malware variant has similarities to another OceanLotus backdoor discovered in 2018, including identical supported commands and their respective codes used in both variants.

Researchers said that to avoid malware such as this, macOS users should never click links or download attachments from emails coming from suspicious sources, and regularly patch their software and applications.

News URL

https://threatpost.com/macos-users-targeted-oceanlotus-backdoor/161655/

#backdoor #macos