North Korea Lazarus observed testing new macOS trojan in the wild


The Lazarus Group’s Sophisticated Malware Tactics

Custom extended file attributes are a feature of Windows operating systems that allow users to add custom metadata to files. This metadata can include information such as file creation dates, modification dates, and even custom properties. However, this feature can also be exploited by attackers to hide malicious code or files from security software.

The Lazarus Group’s Malware Tactics

The Lazarus Group’s malware, which is believed to be a custom-built trojan, uses custom extended file attributes to evade detection by security software.

Here are some ways they do it:

How Hackers Use Extended File Attributes

  • Steganography: Hackers can embed malicious code within the extended file attributes, making it difficult to detect.
  • Fileless malware: Hackers can hide malware within the extended file attributes, allowing it to run without creating a file on disk.
  • Data hiding: Hackers can store malicious data within the extended file attributes, making it hard to find.
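
A defender-side check for the hiding techniques listed above, as an added example that is not part of the original article: it inspects extended-attribute names and values and flags values that look like script or encoded data. The namespace prefixes, content patterns, size threshold and sample attributes are constructed assumptions; `read_xattrs` relies on `os.listxattr`, which Python provides on Linux only, so elsewhere the name/value pairs have to come from the platform's own tooling.

```python
import os
import re

# Assumption: namespaces normally written by the OS itself; tune per fleet.
SYSTEM_PREFIXES = ("com.apple.", "security.", "system.", "trusted.")
# Assumption: byte patterns suggesting a value holds script or a command.
SCRIPT_HINTS = re.compile(rb"(#!/|curl |wget |osascript|/bin/(ba)?sh|base64 )", re.I)
# Assumption: a long unbroken base64 alphabet run suggests an encoded blob.
BASE64_RUN = re.compile(rb"[A-Za-z0-9+/]{120,}={0,2}")
MAX_BENIGN_SIZE = 4096  # assumption: ordinary metadata values are small

def assess_xattr(name, value):
    """Return the reasons one attribute (name: str, value: bytes) looks unusual."""
    reasons = []
    if not name.startswith(SYSTEM_PREFIXES):
        reasons.append("custom-name")
    if SCRIPT_HINTS.search(value):
        reasons.append("script-like-content")
    if BASE64_RUN.search(value):
        reasons.append("long-base64-run")
    if len(value) > MAX_BENIGN_SIZE:
        reasons.append("oversized")
    return reasons

def scan_attrs(attrs):
    """Flag attributes with a content reason; the name alone never clears or flags."""
    findings = {}
    for name, value in attrs.items():
        reasons = assess_xattr(name, value)
        if any(r != "custom-name" for r in reasons):
            findings[name] = reasons
    return findings

def read_xattrs(path):
    """Collect {name: value} with os.listxattr (present in Linux Python builds only)."""
    if not hasattr(os, "listxattr"):
        raise NotImplementedError("collect names and values with the platform's xattr tooling")
    names = os.listxattr(path, follow_symlinks=False)
    return {n: os.getxattr(path, n, follow_symlinks=False) for n in names}

# Constructed sample: two ordinary attributes and two that carry hidden content.
SAMPLE = {
    "com.apple.quarantine": b"0083;65f0c1a2;Safari;",
    "com.apple.metadata:kMDItemWhereFroms": b"bplist00\xa1\x01_\x10\x1ehttps://example.com/report.pdf",
    "org.example.note": b"#!/bin/sh\necho constructed-sample\n",
    "com.example.blob": b"QUJD" * 40,
}
```

`scan_attrs(SAMPLE)` reports only the last two attributes; a system-looking name does not exempt a value from the content checks.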

The Art of Evasion: Uncovering the Tactics of a Skilled Hacker

The world of cybersecurity is a cat-and-mouse game, where hackers continually push the boundaries of innovation to evade detection. One such skilled hacker has been making headlines for their cunning tactics, using custom file metadata and decoy documents to conceal malicious code.
