
image credit: unsplash
North Korean threat actors behind two major macOS-targeting malware strains of 2023 — RustBucket and KandyKorn — have been found mixing the elements of these disparate attacks to evade detection, according to a SentinelOne study.
The new technique leverages the RustBucket dropper, SwiftLoader, to deliver the KandyKorn remote access trojan (RAT) payload.