North Korean Hackers Develop Malware to Bypass Apple Security Checks

According to Cointelegraph, researchers found malware developed by North Korean hackers that can bypass Apple's security checks. This is the first time this technique has been found to be used to attack macOS systems, but it cannot run on the latest systems.

Researchers at Jamf Threat Labs found that these malicious applications were reported as safe by Microsoft's VirusTotal online scanning service. The applications are written in Go and Python and utilize Google Flutter development tools.

Out of six malicious applications, five have developer account signatures and have been temporarily certified by Apple. Researchers noted that the domain names and technologies of these malware are similar to other North Korean malware, showing signs of having been certified by Apple in the past.

These malware names are related to cryptocurrency, such as 'New Update for Crypto Exchange' and 'A New Era for Stablecoins and DeFi', suggesting the hackers' targets. Executing 'New Update for Crypto Exchange' will open a modified version of Minesweeper.

North Korean hackers are known for their innovation, having exploited Chrome vulnerabilities to steal cryptocurrency wallet credentials in October. The United Nations states that they profit tens of millions of dollars monthly through cryptocurrency, totaling about $3 billion over the past six years.