RustBucket
Description
(Sekoia) Since at least December 2022, Bluenoroff was observed leveraging RustBucket, a malware written in Rust and Objective-C targeting systems running macOS. This recent Bluenoroff activity illustrates how intrusion sets turn to cross-platform languages in their malware development efforts, further expanding their capabilities, highly likely to broaden their victimology. While other DPRK-nexus intrusion sets, including Lazarus, Kimsuky and, more recently, Reaper, were already reported targeting macOS, it is the first time Bluenoroff was observed targeting macOS users, to the best of our knowledge.
Names
Name |
---|
RustBucket |
Category
Malware
Type
- Backdoor
Information
- https://blog.sekoia.io/bluenoroffs-rustbucket-campaign/
- https://www.jamf.com/blog/bluenoroff-apt-targets-macos-rustbucket-malware/
- https://www.elastic.co/security-labs/DPRK-strikes-using-a-new-variant-of-rustbucket
- https://securelist.com/bluenoroff-new-macos-malware/111290/
Malpedia
Other Information
Uuid
d02062d7-5d48-45f1-bd97-4869a78fa8fd
Last Card Change
2024-01-16