Mac users targeted by Lazarus ‘fileless’ Trojan

The Lazarus hacking group has been caught trying to sneak a new ‘fileless’ Trojan on to Apple macOS computers disguised as a fake cryptocurrency trading application.

The discovery was reported by K7 Computing’s Dinesh Devadoss to Mac security expert Patrick Wardle, who immediately spotted similarities to previous attacks.

The first of these, from 2018, was the ‘Apple.Jeus’ malware, which also used a cryptocurrency trading application to lure high-value targets in order to steal cryptocoins.

In October 2019, the hackers returned with a new backdoor Trojan that spreads using the same approach – a cryptocurrency application posted to GitHub for victims to download.

To make the applications appear trustworthy, both campaigns used the ruse of setting up fake software companies using legitimate certificates.

Both were connected to the suspected North Korean Lazarus Group, widely blamed for big attacks such as WannaCry in 2017 and Sony Pictures in 2014.

 
