New macOS malware gives attackers backdoor access to Macs

Sept. 16, 2024, 10:28 a.m.

Description

A new remote access Trojan (RAT) targeting macOS systems, dubbed HZ RAT, grants remote attackers complete control over infected Macs. The malware collects sensitive data, such as installed apps, user information from WeChat and DingTalk, and Google Password Manager credentials. It's suspected of spreading through malicious VPN apps and malvertising campaigns. Precautions like using trusted antivirus software and downloading apps from official sources are recommended to mitigate the threat.

Date

Published: Sept. 16, 2024, 9:56 a.m.

Created: Sept. 16, 2024, 9:56 a.m.

Modified: Sept. 16, 2024, 10:28 a.m.

Indicators

Attack Patterns

HZ RAT

T1124

T1213

T1555

T1573

T1518

T1057

T1083

T1219

T1056

T1563