"Open-Source Cobalt Strike Port 'Geacon' Used in macOS Attacks"

Geacon, a Go-based implementation of the beacon from the widely exploited penetration testing suite Cobalt Strike, is increasingly being used to target macOS devices. Geacon and Cobalt Strike are both utilities that legitimate organizations use to simulate attacks against their networks and strengthen their defenses, but threat actors have also used them to conduct attacks. In regard to Cobalt Strike, threat actors have been exploiting it to compromise Windows systems for years, and the information security industry has been fighting it. SentinelOne researchers monitoring Geacon activity in the wild have recently observed an increase in payloads on VirusTotal. While some exhibited signs of red team operations, others displayed traits of malicious attacks. This article continues to discuss the use of Geacon in attacks against macOS devices.  

Bleeping Computer reports "Open-Source Cobalt Strike Port 'Geacon' Used in macOS Attacks"