HZ Rat backdoor for macOS harvests data from WeChat and DingTalk

Aug. 27, 2024, 3:34 p.m.

Description

A version of the HZ Rat backdoor targeting users of China’s WeChat and DingTalk was uploaded to VirusTotal in July 2023 and was not detected by any vendor, research by Kaspersky suggests.

Date

Published: Aug. 27, 2024, 3:12 p.m.

Created: Aug. 27, 2024, 3:12 p.m.

Modified: Aug. 27, 2024, 3:34 p.m.

Indicators

20.60.250.230

58.49.21.113

47.100.65.182

29.40.48.21

218.65.110.180

218.193.83.70

123.232.31.206

120.53.133.226

113.125.92.32

111.21.246.147

Attack Patterns

HZ RAT

T1573

T1090

T1059