Lazarus Group's AppleJeus macOS Backdoor via JMT Trader
Severity: high (threat)
Coverage: 2 rules, 2 TTPs, 3 IOCs
The Lazarus APT group is distributing a macOS backdoor named AppleJeus via a fake cryptocurrency trading application called JMT Trader, persisting through a launch daemon and communicating with the C&C server beastgoc.com.
Tags: macOS, Lazarus Group, applejeus, backdoor, cryptocurrency (+4 more)
Lazarus Group Macloader Malware Analysis and Repurposing
Severity: high (threat)
Coverage: 2 rules, 2 TTPs, 1 IOC
The Lazarus group's macloader malware (OSX.AppleJeus.C) uses a launch daemon for persistence and executes downloaded payloads directly from memory, communicating with a C2 server to retrieve second-stage payloads. Its fileless execution and potential for repurposing make it a significant threat.
Tags: Lazarus Group, lazarus-group, macos, malware, fileless, applejeus (+4 more)