Researchers have uncovered a new Trojan-attacking macOS user that is associated with the BlueNoroff APT group and their ongoing RustBucket campaign. As a subgroup of Lazarus, BlueNoroff possesses reverse engineering expertise because they spend time analyzing and patching SWIFT Alliance software as well as breaking apart legitimate software to uncover ways to steal a significant amount of money. This financially driven threat actor targets ATMs, POST software and cryptocurrency businesses, banks, casinos, and fin-tech organizations.
Source: GBHackers