North Korean malware evades Apple notarization, targets macOS users
North Korean hackers have developed malware that bypasses Apple's security measures, specifically its notarization process, according to researchers from Jamf Threat Labs. The discovery is significant because it represents the first instance of malware using such tactics against macOS systems. The malware appears to be experimental and does not operate on updated systems. The researchers identified several malicious applications that were reported as safe by Microsoft's VirusTotal, suggesting they used sophisticated evasion techniques. Written in Go and Python, these applications leverage Google Flutter, an open-source tool for building cross-platform applications. Of the examined apps, five had developer account signatures and temporary notarization from Apple, which illustrates the level of sophistication in the attack. The malware's domains and methods align closely with tactics previously associated with North Korean cybercriminals, who have been involved in cryptocurrency thefts amounting to billions of dollars. This trend of malware targeting macOS indicates a growing threat landscape for users of the operating system.