A new macOS malware strain called ObjCShellz has been attributed to BlueNoroff, a North Korea-linked nation-state group. The malware is used as part of the RustBucket malware campaign, which came to light earlier this year.

ObjCShellz is an AppleScript-based backdoor that retrieves a second-stage payload from an attacker-controlled server. The malware is likely delivered via social engineering, such as phishing emails or malicious websites.

Security researchers believe that ObjCShellz is a late-stage malware in a multi-stage attack. In other words, it is likely not the first piece of malware installed on a victim’s machine; it is more likely installed after the attackers have already gained access to the machine through another vulnerability.

This is not the first time that BlueNoroff has been blamed for hacking macOS machines. The group has also been linked to the Lazarus Group, which is known for its sophisticated cyberattacks.

How to Protect Yourself from ObjCShellz and Other Malware

To protect yourself from ObjCShellz and other malware, you should follow these best practices:

  • Keep your macOS software up to date. Apple releases security updates for macOS on a regular basis. These updates often patch vulnerabilities that could be exploited by malware.
  • Be careful about what you click on in emails and on websites. Phishing emails and malicious websites are a common way for malware to be spread. Be suspicious of any emails or websites that you do not recognize or that ask you to click on links or open attachments.
  • Use a strong password for your macOS account. A strong password is at least 12 characters long and includes a mix of upper and lowercase letters, numbers, and symbols.
  • Enable two-factor authentication for your macOS account. Two-factor authentication adds an extra layer of security to your account by requiring you to enter a code from your phone or another device in addition to your password when you log in.
  • Install a reputable antivirus and anti-malware program. Antivirus and anti-malware programs can help to detect and remove malware from your computer.

What to Do If You Think You Have Been Infected with ObjCShellz

If you think you have been infected with ObjCShellz, you should immediately disconnect your computer from the internet and contact a cybersecurity professional for help.

