Lazarus group goes back to the Apple orchard with new macOS trojan

The Lazarus group, which has been named as one of North Korea's state-sponsored hacking teams, has been found to be using new tactics to infect macOS machines. Dinesh_Devadoss, a threat analyst with anti-malware merchant K7 Computing, took credit for the discovery and reporting of what is believed to be the Lazarus group's …

  1. cb7

    "Yes, but Macs don't get viruses coz they're based on Unix and built from the ground up with security in mind."

    1. Sgt_Oddball Silver badge
      Headmaster

      You forgot...

      The sarcasm tags. Unless you didn't, in which case you need to work on your cynicism. This is The Register after all...

      1. cb7

        Re: You forgot...

        I thought the quotes would suffice. Clearly most Regtards didn't parse English without tags in this case.

    2. Dan 55 Silver badge
      FAIL

      goto fail;

      And other bits that Apple added.

  2. Pascal Monett Silver badge

    What is the point?

    The article does not mention that the malware sample was found on VirusTotal. That means that somebody has scanned it, which has to mean that those Norks leaked it out.

    However, the article states that the control server is not handing out the payload, which prevents the malware from doing anything at this point in time.

    So that begs the question: has this malware actually been installed and then the Norks shut down the service because they were only interested in one target? Or are they still in the ramping up stage and want everything to be perfect for when they do unleash the malware?

    Which still does not explain the sample on VirusTotal.

  3. Buzzword

    Apple tried to warn you, several times

    By default, new Macs don't allow you to install unsigned software packages. To fall victim to this malware, you would need to:

    (a) download a package from a third party website

    (b) disable the unsigned software protection in System Preferences

    (c) ignore the warning that "By opening this app, you will be overriding system security which can expose your computer and personal information to malware"

    (d) grant it root access.

    Perhaps Apple users are lulled into a false sense of security, so they ignore all these warnings.

    Coming next: North Korean evil-doers sell car phone chargers which only work if you follow the instructions to disable the car's ABS.

    1. Cuddles Silver badge

      Re: Apple tried to warn you, several times

      "Perhaps Apple users are lulled into a false sense of security, so they ignore all these warnings."

      Or perhaps they quite rightly hold the view that it's their PC and they'll install whatever software they damn well want without asking mother for approval first. That used to be how all PCs worked, whether they had Apple, MS, Linux, or any other OS running. It's bad enough that people so often roll over and allow their phones to be locked away in a walled garden, but doing it for desktop PCs as well is just nuts.

      The problem here is not that people might have jumped through the multiple hoops required just to have some control over their own property, it's that having done so, they were stupid enough to install something making claims about pretend money. If you choose to install obvious malware, it's entirely your own fault when it turns out to be malware.

      1. Robert Helpmann??
        Facepalm

        Re: Apple tried to warn you, several times

        "If you choose to install obvious malware, it's entirely your own fault when it turns out to be malware."

        So the people who created the malware and got the gullible unwashed masses to install said malware are not to blame for their actions? How does that work? Blame the victim much?

        1. Anonymous Coward

          Re: Apple tried to warn you, several times

          What's this cryptocurrency application actually meant to do that I would want to download and install it giving it full rights to miComputer?

        2. RichardEM

          Re: Apple tried to warn you, several times

          Both are to blame, the one who is the thief and the one who left the door open for the thief!


Biting the hand that feeds IT © 1998–2021