LightSpy Malware Variant Targeting macOS | Huntress

| Category | Details |
| --- | --- |
| Threat Actors | Unknown actors using LightSpy framework |
| Campaign Overview | Analysis of a macOS variant of the LightSpy spyware (previously known on iOS and Android) |
| Target Regions (Or Victims) | macOS users, particularly Intel and Apple Silicon devices with Rosetta 2 |
| Methodology | Analysis of malware sample uploaded to VirusTotal, comparison with previous versions on iOS and Android |
| Product Targeted | macOS (specifically Intel and Apple Silicon devices) |
| Malware Reference | LightSpy, also known as WyrmSpy for Android |
| Tools Used | YARA and Sigma rules for detection; GitHub repository for sharing technical details |
| Vulnerabilities Exploited | Not specified, but operational security (opsec) improvements noted compared to earlier versions |
| TTPs | Dynamic loading of malicious modules (dylibs) |
| Attribution | No direct attribution, but contributions from TrendMicro, Kaspersky, and ThreatFabric |
| Recommendations | Use YARA and Sigma rules to detect the malware |
| Source | Huntress Blog |

Disclaimer: The above summary has been generated by an AI language model.

Published on: April 25, 2024