New macOS Backdoor Threat from North Korean Hackers

Cybersecurity researchers have discovered a new macOS backdoor, SpectralBlur, linked to North Korean threat actors. The threat actor has targeted high-value cryptocurrency and blockchain industries. The backdoor can upload/download files, run a shell, update configurations and delete files. It shares similarities with other malware such as KANDYKORN and RustBucket. Its discovery follows the identification of 21 new macOS-targeted malware families in 2023, up from 13 in 2022.