BlueNoroff | How DPRK’s macOS RustBucket Seeks to Evade Analysis and Detection
released on 2023-07-05 @ 04:58:16 PM
Back in April, researchers at JAMF detailed a sophisticated APT campaign targeting macOS users with multi-stage malware that culminated in a Rust backdoor capable of downloading and executing further malware on infected devices. ‘RustBucket’, as they labeled it, was attributed with strong confidence to the BlueNoroff APT, generally assumed to be a subsidiary of the wider DPRK cyber attack group known as Lazarus.