BlueNoroff, a subgroup of North Korea’s Lazarus Group, was observed using a new Mac operating-system malware family, dubbed RustBucket, in recent attacks on Mac machines. Based on the lures used, BlueNoroff likely targeted the financial technology sector with the malware. RustBucket can be used to gather system information and allows the attacker to perform various actions on infected machines.
- Financial technology firms and their employees who use the Mac operating system
Suspected state sponsor
- Korea (Democratic People's Republic of)
Type of incident
- Private sector