"MacOS Backdoor Appears to Be Update of Tool Previously Used by Vietnam-Linked Group"
According to Trend Micro researchers, the hacking group dubbed APT32 or OceanLotus appears to be using an updated version of a tool that can infiltrate macOS computers. The malicious software comes as a .zip file that uses a Microsoft Word icon. It is designed to circumvent detection by antivirus software. When the malware is activated, it works as a backdoor for other payloads capable of pulling data from the infected machine. This discovery indicates that APT32 is continuing to update its tactics in launching espionage campaigns against Southeast Asia. The group was recently discovered to have used fake news sites to spy on users and infect their machines with malware, and to have used the Google Play Store to distribute spyware apps. This article continues to discuss APT32's macOS backdoor and other recent discoveries surrounding the hacking group.