A new technique by the Lazarus Advanced Persistent Threat (APT) group has been used by the threat actor to smuggle malicious code onto macOS systems, using custom extended attributes. This innovative method, observed by Group-IB, bypasses traditional security measures, enabling malicious code to remain concealed and undetected.

Source: Infosecurity Magazine – Information Security & IT Security