New Malware Found Targeting Apple Users
North Korean hackers have reportedly developed malware that bypasses Apple’s notarization security for macOS, although it appears to be experimental. According to Jamf Threat Labs, this is the first instance of North Korean malware targeting Apple systems; however, it cannot run on updated macOS versions.
Exploiting Security Gaps
Researchers from Jamf Threat Labs found several malicious applications that were mistakenly marked as safe by Microsoft’s VirusTotal scanner. These apps, written in programming languages like Go and Python and using Google’s Flutter development kit, carried signatures from developer accounts and even temporarily passed Apple’s notarization process.
Flutter is an open-source tool used to build apps that run on multiple platforms.
The malware displayed similarities to other known North Korean attacks, suggesting it might be a testing ground for future, larger-scale operations.
Cryptocurrency-Related Malware Names
Many of the malicious apps had names that referenced cryptocurrency, like “New Updates in Crypto Exchange” and “Stablecoins and DeFi,” indicating the hackers’ interest in the crypto sector. When run, one of these apps even opened a modified version of the game Minesweeper.
Organized and Sophisticated Cyber Tactics
North Korean hackers are known for sophisticated cyber tactics, including recent attacks on Google Chrome to steal cryptocurrency wallet credentials. The United Nations estimates they generate hundreds of thousands of dollars per month through these operations and have amassed around $3 billion over six years.