N. Korean Hackers ‘Mixing’ macOS Malware Tactics to Evade Detection

siteadmin November 28, 2023

Cybersecurity firm SentinelOne has found that North Korean threat actors are ‘mixing and matching’ attack chains from macOS malware strains such as RustBucket and KANDYKORN. The Lazarus Group is reportedly using a backdoored version of a PDF reader app, SwiftLoader, to distribute KANDYKORN malware. This mix-and-match approach makes it difficult for defenders to track and thwart malicious activity, and it highlights the increasing collaboration among North Korean hacker groups.