New macOS backdoor JokerSpy impacts Japanese crypto exchange

27 June 2023

Attackers, tracked under the REF9134 intrusion set, were able to compromise an unspecified major Japan-based cryptocurrency service provider specializing in Ethereum and Bitcoin trading with the novel JokerSpy macOS backdoor earlier this month, reports The Hacker News. Included in the JokerSpy toolkit is the multi-architecture binary dubbed ‘xcc’ signed as XProtectCheck that monitors permissions for FullDiskAccess and ScreenRecording while evading Apple’s security protections, according to a report from Elastic Security Labs.

Source: SC Magazine

Date:

27 June 2023

Categorie(s):

NEWS

Tag(s):

IT, Japanese, New, News

Smashing Security podcast #370: The closed loop conundrum, default passwords, and Baby Reindeer1 May 2024
Cyberattack against United Russia claimed by Ukraine1 May 2024
US jails former NSA employee for attempting secret sale to Russia1 May 2024
Better identity threat detection sought by new Semperis ML-based tool1 May 2024
Oasis Security reels in $35M more to secure nonhuman identities1 May 2024