Security researcher Patrick Wardle writes that Lazarus group RAT malware targets macOS for the first time. Malwarebytes also published a report (the source of my quote below). The malware turned out to be distributed with a two-factor authentication application called MinaOTP, commonly used by Chinese users.
We believe this Mac variant of Dacls RAT is associated with the Lazarus group, also known as Hidden Cobra and APT 38, an infamous North Korean threat actor carrying out espionage and cybercrime operations since 2009.
The group is known for being one of the most sophisticated players, capable of creating personalized malware to target different platforms. The discovery of this Mac RAT shows that this APT group is constantly developing its set of malicious tools.
The conclusion I draw is that it is unlikely to affect most Mac users.
Check it out: Lazarus Group RAT Dacls affect Macs for the first time