SentinelOne

@SentinelOne@infosec.exchange
Dug into the rustbucket #macOS #malware campaign previously reported by #jamf and #elastic. Lots of IoCs and some surprising variants. And I guess now I’ll have to invest less time in reversing Go bins and more in Rust. The learning never stops!
https://s1.ai/rustbucket
BlueNoroff | How DPRK’s macOS RustBucket Seeks to Evade Analysis and Detection

Threat actors are using increasingly sophisticated forms of evasion and anti-analysis as they respond to increased attention to macOS security in the enterprise.
