New macOS malware RustBucket attributed to North Korean group BlueNoroff

Threat Advisories

New macOS malware RustBucket attributed to North Korean group BlueNoroff

Threat Level
Attack Report

For a detailed threat advisory, download the pdf file here

Summary

RustBucket, attributed to BlueNoroff, is split into two stages, with the second stage application appearing as a legitimate PDF viewer but becoming malicious when a specific PDF is loaded.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.