todayonchain.com

Lazarus Group Malware Targets Crypto, Business Execs via macOS

Cointelegraph
Lazarus Group is using new macOS malware, 'Mach-O Man,' distributed via social engineering to target crypto and business firms.

Summary

Security researchers have identified a new macOS malware campaign linked to the Lazarus Group, a North Korea-affiliated hacking operation known for significant cryptocurrency thefts. The malware, dubbed 'Mach-O Man,' is distributed through social engineering tactics such as fake Zoom or Google Meet calls that prompt victims to execute commands which download the malware in the background. This lets attackers bypass security controls and gain access to credentials and corporate systems, potentially leading to account takeovers, financial losses, and data exposure. The 'Mach-O Man' kit includes a stealer designed to extract sensitive information such as browser extension data, stored credentials, cookies, and macOS Keychain entries. Collected data is then exfiltrated via Telegram, and the malware uses a self-deletion script to remove itself from infected devices. This campaign highlights Lazarus Group's expanding targeting beyond crypto-native companies.

(Source: Cointelegraph)