North Korean APTs Stir Up Fresh Attacks
North Korean advanced persistent threat (APT) groups are mixing and matching parts of two recently disclosed types of Mac-targeted malware to avoid detection. The groups are using the KandyKorn and RustBucket malware in attacks on cryptocurrency exchanges and other financial institutions, with the goal of funding the Kim Jong Un regime. Researchers from SentinelOne have discovered that these groups are using different loaders and other components from these two types of malware in diverse attacks to mislead security researchers and victims.