04 Dec New macOS Threat Served from Cryptocurrency Trading Platform
Security researchers have encountered a new macOS malware sample believed to be the work of the North Korean group of hackers known as Lazarus.
The threat has a very low detection rate and comes with capabilities that allow it to retrieve a payload from a remote location and run it in memory, which leaves fewer artifacts on disk and makes forensic analysis more difficult.
macOS threat on trading platform
Malware researcher Dinesh Devadoss on Tuesday provided a hash for a new macOS malware sample that could load a Mach-O executable file from memory and execute it.
Checking the sample on VirusTotal shows that its detection is almost nonexistent. At the moment of writing, just four antivirus engines flagged it as malicious, improving to five at publishing time.
Security researcher and macOS hacker Patrick Wardle analyzed the malware found by Devadoss and determined that “there are some clear overlaps” with another first-stage implant attributed to Lazarus Group and found by MalwareHunterTeam less than two months…