North Korea’s BlueNoroff APT Debuts ‘Dumbed Down’ macOS Malware

siteadmin November 7, 2023

Researchers from Jamf Threat Labs have been tracking a North Korean cyber campaign that has been targeting macOS users in the US and Japan. The campaign, dubbed “RustBucket” and thought to be run by the infamous Lazarus Group, uses a “dumbed-down” but effective piece of Mac malware to infiltrate financial institutions. It relies on social engineering techniques and a simple reverse shell called “ObjCShellz” to gain access and control. The group mimics legitimate financial websites to blend in with regular network activity.