N. Korea's BlueNoroff Blamed for Hacking macOS Machines with ObjCShellz Malware
Nov 07, 2023
Endpoint Security / Malware
The North Korea-linked nation-state group called BlueNoroff has been attributed to a previously undocumented macOS malware strain dubbed ObjCShellz . Jamf Threat Labs, which disclosed details of the malware, said it's used as part of the RustBucket malware campaign, which came to light earlier this year. "Based on previous attacks performed by BlueNoroff, we suspect that this malware was a late stage within a multi-stage malware delivered via social engineering," security researcher Ferdous Saljooki said in a report shared with The Hacker News. BlueNoroff, also tracked under the names APT38, Nickel Gladstone, Sapphire Sleet, Stardust Chollima, and TA444, is a subordinate element of the infamous Lazarus Group that specializes in financial crime, targeting banks and the crypto sector as a way to evade sanctions and generate illicit profits for the regime. The development arrives days after Elastic Security Labs disclosed the Lazarus Group's use of a new ma