OceanLotus

Description

OSX_OCEANLOTUS.D is a MacOS backdoor that has been used by APT32.

Names

Name
OceanLotus
OSX_OCEANLOTUS.D
Backdoor.MacOS.OCEANLOTUS.F

Category

Malware

Type

• Backdoor

Information

• https://blog.trendmicro.com/trendlabs-security-intelligence/new-macos-backdoor-linked-to-oceanlotus-found/
• https://www.welivesecurity.com/2019/04/09/oceanlotus-macos-malware-update/
• https://researchcenter.paloaltonetworks.com/2017/06/unit42-new-improved-macos-backdoor-oceanlotus/
• https://www.alienvault.com/blogs/labs-research/oceanlotus-for-os-x-an-application-bundle-pretending-to-be-an-adobe-flash-update

Mitre Attack

• https://attack.mitre.org/software/S0352/

Malpedia

• https://malpedia.caad.fkie.fraunhofer.de/details/osx.oceanlotus

Other Information

Uuid

36d247e3-947d-44ec-aec7-fdb514618882

Last Card Change

2022-12-30