According to ChainCatcher news reported by Cointelegraph, North Korean hackers appear to have developed malware that can evade Apple's security checks. Researchers at Jamf Threat Labs, who focus on Apple, indicate that these applications seem to be experimental. This is the first time they have seen such technology used to infiltrate Apple's macOS operating system, but it does not run on the latest systems.Researchers found that Microsoft's VirusTotal online scanning service reported these applications as harmless, but they are actually malicious. Variants of these applications are written in Go and Python, utilizing Google Flutter applications. Flutter is an open-source development toolkit used for creating cross-platform applications.Out of six malicious applications, five are signed with developer accounts and have been temporarily notarized by Apple. Researchers wrote, "The domains and techniques in the malware are very similar to those used in other North Korean hacker malware, with indications that the malware was once signed and even temporarily passed Apple's notarization process."

ChainiCatcher news, according to Cointelegraph, a new type of malware called "KandyKorn" related to the North Korean hacker group Lazarus has been discovered on Apple's macOS system, targeting the crypto community and engineers.According to analysis by Elastic Security Labs, "KandyKorn" is an invisible backdoor capable of data retrieval, directory listing, file upload/download, secure deletion, process termination, and command execution.Initially, the attackers impersonated community members through Discord channels to spread a Python-based module. Social engineering attacks lured community members into downloading a malicious ZIP archive named "Cross-platform Bridges.zip," which mimicked an arbitrage bot designed for automatic profit. However, the file imported 13 malicious modules that worked together to steal and manipulate information.

ChainCatcher message, Slow Mist's Chief Information Security Officer 23pds issued a reminder that a new malware named Realst has emerged, targeting Apple macOS systems with large-scale attacks, including the latest macOS 14 Sonoma. It is written in Rust, and after victims are attacked, their cryptocurrency assets are stolen along with sensitive information such as passwords. All macOS users are strongly advised to remain vigilant and take necessary security measures to prevent their sensitive information and cryptocurrency assets from being stolen.