Related Families: GravityRAT, HeavyLift, GravityAdmin
Verticals Targeted: Defense, Government, Technology
Cosmic Leopard Activity Targets Windows, MacOS, & Android
Jun 17, 2024 3:15:17 PM / by The Hivemind posted in Threat Bulletin, Android, Windows, MacOS, Cosmic Leopard, GravityRAT, Operation Celestial Force, HeavyLift, GravityAdmin
Cuckoo: Part Infostealer, Part Spyware
May 13, 2024 2:20:01 PM / by The Hivemind posted in Threat Bulletin, Infostealer, Spyware, MacOS, Cuckoo
Executive Summary
Cuckoo is a recently discovered infostealer and spyware hybrid targeting macOS systems.
RustDoor MacOS Backdoor
Feb 26, 2024 11:51:18 AM / by The Hivemind posted in Threat Bulletin, Ransomware, ALPHV, Backdoor, MacOS, Mac, Apple, RustDoor, GateDoor
Related Families: GateDoor
Verticals Targeted: Cryptocurrency
Executive Summary
RustDoor is a new macOS backdoor written in Rust. RustDoor was observed targeting companies in the cryptocurrency sector.
SpectralBlur MacOS Backdoor
Jan 19, 2024 2:03:16 PM / by The Hivemind posted in Threat Bulletin, Backdoor, MacOS, Stardust Chollima, SpectralBlur, KandyKorn
Related Families: KandyKorn
Executive Summary
SpectralBlur is a fairly unsophisticated backdoor targeting macOS devices. It has been attributed to Stardust Chollima.
New XLoader Variant Disguised as Signed App
Sep 1, 2023 1:24:48 PM / by The Hivemind posted in Threat Bulletin, Xloader, MacOS
Executive Summary
A new XLoader variant has been observed in the wild, targeting macOS systems and disguising itself as a signed OfficeNote app.
Realst MacOS Infostealer
Aug 7, 2023 2:41:09 PM / by The Hivemind posted in Blockchain, Threat Bulletin, Stealer, Infostealer, Gaming, MacOS, Realst
Executive Summary
Geacon - Cobalt Strike for MacOS
May 26, 2023 2:01:00 PM / by The Hivemind posted in Cobalt Strike, MacOS, Pentesting, Geacon
Related Families: Cobalt Strike
Executive Summary
Geacon is a Cobalt Strike adaptation developed to target macOS. Geacon versions are available to target both Apple silicon and Intel architectures.
BlueNoroff's RustBucket MacOS Malware
May 12, 2023 3:48:04 PM / by The Hivemind posted in Threat Bulletin, Lazarus, North Korea, Financial, MacOS, Mac, RustBucket, BlueNoroff
Verticals Targeted: Financial
Executive Summary