2024 macOS Malware Review | Infostealers, Backdoors, and APT Campaigns Targeting the Enterprise

The year 2024 saw a marked increase in malware campaigns targeting macOS users in enterprise environments. Threats included infostealers disguised as business applications, modular backdoors, and APT activity. Notable families included the Atomic Stealer (AMOS) infostealers, the Activator backdoor, LightSpy, BeaverTail, ToDoSwift, Hidden Risk, HZ RAT, CloudChat Infostealer, NotLockBit ransomware, CloudFake, and RustyAttr. These threats relied on credential theft, data exfiltration, and remote access capabilities. Attackers' growing use of cross-platform development frameworks, together with increasingly sophisticated techniques, indicates that macOS is now a deliberate target for enterprise attacks and underscores the need for endpoint detection and response coverage on Macs.
Author: AlienVault

Related Tags: Init, C++, BeaverTail, macos, BlueNoroff, lightspy, crypto, T1553 (MITRE ATT&CK: Subvert Trust Controls), Cryptocurrency

Associated Indicators (SHA-256 file hashes):
A28AF0684456C26DA769A2E0D29C5A726E86388901370DDF15BD3B355597D564
E02B3309C0B6A774A4D940369633E395B4C374DC3E6AAA64410CC33B0DCD67AC
2E62C9850F331799F1E4893698295D0B069AB04529A6DB1BFC4F193FE6ADED2C
14FE0071E76B23673569115042A961136EF057848AD44CF35D9F2CA86BD90D31
D006D5864108094A82315EE60CE057AFC8BE09546FFAA1F9CC63A51A96764114
87393D937407A6FE9E69DAD3836E83866107809980E20A40AE010D7D72F90854
6210EC0E905717359E01358118781A148B6D63834A54A25A95E32E228598C391
5D78FC86A389247D768A6BDF46F3E4FD697ED87C133B99EE6865809E453B2908
F39AAFB9489B9B60B34E3D4E78CD9720446B6247531B81CBD4877804B065A25F
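The indicator list above is only useful if it is actually swept against endpoints. The following is an added example (not part of the AlienVault pulse or of any vendor tooling) that parses the hash list as published, validates that each entry really is a 64-hex-character SHA-256, and walks a directory tree hashing every regular file without following symlinks. The directory names and file contents in `demo()` are constructed; because no real sample can be shipped, the demo adds the hash of a constructed stand-in file to the indicator set to show a match being reported.

```python
"""Sweep a directory tree for files whose SHA-256 matches a pulse's indicator list.

Added example, not part of the original pulse. Paths and sample file contents
in demo() are constructed for illustration only.
"""
import hashlib
import os
import re
import tempfile
from pathlib import Path

# SHA-256 indicators copied verbatim from the "Associated Indicators" list above.
INDICATORS_TEXT = """
A28AF0684456C26DA769A2E0D29C5A726E86388901370DDF15BD3B355597D564
E02B3309C0B6A774A4D940369633E395B4C374DC3E6AAA64410CC33B0DCD67AC
2E62C9850F331799F1E4893698295D0B069AB04529A6DB1BFC4F193FE6ADED2C
14FE0071E76B23673569115042A961136EF057848AD44CF35D9F2CA86BD90D31
D006D5864108094A82315EE60CE057AFC8BE09546FFAA1F9CC63A51A96764114
87393D937407A6FE9E69DAD3836E83866107809980E20A40AE010D7D72F90854
6210EC0E905717359E01358118781A148B6D63834A54A25A95E32E228598C391
5D78FC86A389247D768A6BDF46F3E4FD697ED87C133B99EE6865809E453B2908
F39AAFB9489B9B60B34E3D4E78CD9720446B6247531B81CBD4877804B065A25F
"""

SHA256_RE = re.compile(r"^[0-9a-f]{64}$")


def parse_indicators(text: str) -> set[str]:
    """Return the lowercase SHA-256 hashes in a pasted indicator list.

    Anything that is not exactly 64 hex characters is dropped, so a stray tag,
    URL or blank line cannot silently turn into a 'hash' that never matches.
    """
    found = set()
    for line in text.splitlines():
        token = line.strip().lower()
        if SHA256_RE.match(token):
            found.add(token)
    return found


def sha256_file(path: Path, chunk_size: int = 1 << 20) -> str:
    """Stream a file through SHA-256 so large binaries do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def sweep(root: Path, indicators: set[str]) -> list[tuple[Path, str]]:
    """Hash every regular file under root; return (path, sha256) for each IOC match.

    Symlinks are skipped (a planted link cannot redirect the scan elsewhere),
    and unreadable files are skipped rather than aborting the whole sweep.
    """
    hits = []
    for dirpath, _dirnames, filenames in os.walk(root, followlinks=False):
        for name in filenames:
            p = Path(dirpath) / name
            if p.is_symlink() or not p.is_file():
                continue
            try:
                digest = sha256_file(p)
            except OSError:
                continue
            if digest in indicators:
                hits.append((p, digest))
    return hits


def demo() -> tuple[int, int]:
    """Constructed demonstration: returns (number of IOCs parsed, number of hits).

    One benign file and one stand-in file are written to a temp dir; the
    stand-in's hash is added to the indicator set because a real sample cannot
    be shipped with this example.
    """
    iocs = parse_indicators(INDICATORS_TEXT)
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "notes.txt").write_bytes(b"quarterly numbers\n")  # constructed, benign
        sample = root / "sample.bin"
        sample.write_bytes(b"constructed stand-in for a malicious Mach-O\n")
        iocs_plus = iocs | {sha256_file(sample)}  # pretend the stand-in is a known IOC
        hits = sweep(root, iocs_plus)
    return len(iocs), len(hits)


if __name__ == "__main__":
    parsed, matched = demo()
    print(f"parsed {parsed} indicators, {matched} match(es) in constructed tree")
```

In practice you would point `sweep()` at the locations these families are known to land in (user-writable application and launch-agent directories rather than the whole disk) and feed the hits into your case-management or EDR workflow; the hash-only match is a confirmation step, not a substitute for behavioural detection, since a recompiled sample changes its SHA-256 without changing what it does.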