New macOS malware SpectralBlur ID’d as North Korean backdoor

SpectralBlur, a new macOS malware, is similar to a backdoor developed by North Korean hackers who targeted blockchain engineers. The new malware, dubbed “first malware of 2024”, was actually uploaded in August 2023. It can upload, download, delete files, run shells and update configurations using commands from a remote server. Similarities to North Korean malware KANDYKORN have raised questions about whether it’s being used by state actors in attacks on macOS.