A new macOS backdoor threat called SpectralBlur has been discovered from North Korean hackers. This malicious software bears similarities to KANDYKORN, an advanced implant that functions as a remote access trojan capable of taking control of a compromised host. Additionally, it is noted that KANDYKORN is associated with a backdoor named RustBucket, orchestrated by BlueNoroff (also known as TA444), and a subsequent payload named ObjCShellz. In recent months, observations have revealed that threat actors have combined different parts of these two infection chains and utilized RustBucket droppers to deliver KANDYKORN. These findings are considered an indication of North Korean threat actors’ increasing interest in infiltrating macOS, particularly to target high-value entities in the cryptocurrency and blockchain sectors.

Security News

The Price Of Grand Base Token Dropped By 99% After The Hack

Grand Base (GB), a real-world asset tokenization protocol operating on Coinbase’s native layer-2 blockchain, suffered a loss of $1.7 million following a compromise of private keys. The breach shook the crypto community and led to the loss. This event caused...

16/04/2024

Security News

The Leading Cybersecurity Agency in The United States was Attacked

US officials discovered last month that a federal agency responsible for cybersecurity was hacked and had to take two important computer systems offline. According to US officials briefed on the matter, the affected systems of the US Cybersecurity and Infrastructure...

13/03/2024

Security News

Russian Computer Hackers Stole Microsoft Source Code

Microsoft has announced that a notorious hacker group supported by the Russian government, known as Midnight Blizzard (also known as APT29 or Cosy Bear), managed to gain access to some source code repositories and internal systems following a hack that...

10/03/2024