Found 4 bookmarks
Custom sorting
Stealthy Attributes of APT Lazarus: Evading Detection with Extended Attributes
Stealthy Attributes of APT Lazarus: Evading Detection with Extended Attributes
APT Lazarus has begun attempting to smuggle code using custom extended attributes. Extended attributes are metadata that can be associated with files and directories in various file systems. They allow users to store additional information about a file beyond the standard attributes like file size, timestamps, and permissions.
#group-ib#EN#2024#Extended#attributes#macos#Smuggling#APT#Lazarus
·group-ib.com·
Stealthy Attributes of APT Lazarus: Evading Detection with Extended Attributes
New macOS 'KandyKorn' malware targets cryptocurrency engineers
New macOS 'KandyKorn' malware targets cryptocurrency engineers
A new macOS malware dubbed 'KandyKorn' has been spotted in a campaign attributed to the North Korean Lazarus hacking group, targeting blockchain engineers of a cryptocurrency exchange platform. The attackers impersonate members of the cryptocurrency community on Discord channels to spread Python-based modules that trigger a multi-stage KandyKorn infection chain. Elastic Security discovered and attributed the attacks to Lazarus based on overlaps with past campaigns concerning the employed techniques, network infrastructure, code-signing certificates, and custom Lazarus detection rules.
#bleepingcomputer#EN#2023#macOS#Lazarus#Discord#Python-based#cryptocurrency#engineers#Targeted
·bleepingcomputer.com·
New macOS 'KandyKorn' malware targets cryptocurrency engineers