North Korean-linked hackers were caught experimenting with new macOS malware

Submitted by
Style Pass
2024-11-17 20:00:03

Hackers associated with North Korea were discovered embedding malware inside macOS applications built with an open-source software development kit, according to researchers at Jamf, a company that makes software geared toward mobile device management. 

The research, released Tuesday, details malware discovered in late October by researchers on VirusTotal, a popular online file analysis tool. While the code was malicious, the online scanning platform gave the samples a clean bill of health. Jamf found three versions of the malware; two used the programming languages Golang and Python. The third was built using Flutter, which heavily obfuscates the code by default.

Researchers said the techniques and domains associated with the malware “align closely” with North Korean techniques. North Korea typically has financial motivations in mind for cyber operations. Both campaigns were aimed at cryptocurrency-related intrusions and contained similar infrastructure used by North Korea’s Lazarus Group.

Flutter is an open-source programming framework developed by Google for developers to build, design, and maintain applications across iOS, Android, Linux, macOS, Windows, and the web. The development kit is also great at obfuscating malicious code, which makes it harder to reverse engineer.
