ObjCShellz - a North Korean tool for remote access to macOS
<blockquote data-quote="Brianwill" data-source="post: 801" data-attributes="member: 15"><p>Previously unknown malware is fraught with many undisclosed details.</p><p></p><p>Jamf, an Apple product security company, has identified a new type of malware developed by the North Korean cybercrime group BlueNorOff (APT38). The group is known for its attacks on banks, cryptocurrency exchanges and venture capital businesses.</p><p></p><p>The malware, created on the basis of Objective-C, functions as a simple remote shell, which allows attackers to send commands to infected macOS devices and execute them, providing remote control of the system. Until recently, the malware successfully avoided detection by existing antivirus solutions.</p><p></p><p>The discovery was made after suspicious activity was detected between the executable file and a malicious domain that visually imitated a legitimate cryptocurrency exchange, swissborg.com. This tactic corresponds to the well-known BlueNorOff method of using phishing domains to mask their operations.</p><p></p><p>Jamf Threat Labs assigned the detected malware the name ObjCShellz and assigned it to the RustBucket campaign. Despite its external difference from malicious programs used in the past, the hackers' goals remain unchanged: they seek to gain remote access to target systems in order to control them and conduct fraudulent operations.</p></blockquote><p></p>