
North Korean Malware Targets macOS? What You Need to Know

Updated on November 12, 2024


North Korean hackers are allegedly using malware embedded within Flutter-based applications to target macOS systems, marking a new tactic for DPRK-linked threat actors, according to cybersecurity firm Jamf.

This is the first known instance of using Flutter — a framework by Google for creating cross-platform applications — as a vector for macOS malware, leveraging its built-in code obfuscation to evade detection.

The malware was found in applications like a Minesweeper game clone, designed with Flutter and distributed as a signed macOS app. The Flutter architecture, which inherently obscures code, may allow these malicious apps to bypass Apple’s notarization and slide under antivirus defenses.

Once opened, the malware communicates with a remote server, allowing the hackers to execute AppleScript commands to infiltrate victims’ systems.


As reported by The Hacker News, these malicious apps are part of a larger campaign, with malware variants also created in Golang and Python. Other malware types have been found masquerading as cryptocurrency and DeFi-related applications, indicating that the DPRK (Democratic People’s Republic of Korea) may be exploring new techniques to breach cryptocurrency businesses.

How Can Mac Users Stay Safe From These Apps?

Mac users can take the following steps to stay safe from potentially malicious apps given the recent targeting of macOS by malware embedded in Flutter applications:

  • Only download from trusted sources. Stick to the official Mac App Store or trusted developer websites.
  • When downloading software, review the developer’s details and check for any unusual information. Cybercriminals sometimes use fake or stolen developer IDs to bypass security checks.
  • Before installing or using an app, review its permissions. Be cautious with apps that request access to sensitive system areas or require unnecessary permissions.
  • macOS has a built-in firewall that can block unwanted incoming connections. Go to System Settings > Network > Firewall to activate it.
  • Since these malicious apps use AppleScript to execute commands, disabling AppleScript in System Preferences may reduce the risk.
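
To support the developer-details check above, the following added example (not from Jamf or the original article) lists Flutter-built app bundles under a folder and prints each one's signing Team ID and Gatekeeper source, so an unfamiliar signer stands out for review. It assumes a Flutter macOS app ships `FlutterMacOS.framework` and `App.framework` under `Contents/Frameworks`; the function names are hypothetical.

```bash
#!/bin/sh
# Added example: inventory Flutter-built .app bundles and show who signed them.
# Assumption: the Flutter toolchain places FlutterMacOS.framework and
# App.framework in Contents/Frameworks of the bundles it builds.

# Succeeds (exit 0) if the bundle at $1 has the Flutter framework layout.
is_flutter_app() {
    [ -d "$1/Contents/Frameworks/FlutterMacOS.framework" ] &&
        [ -d "$1/Contents/Frameworks/App.framework" ]
}

# Prints every Flutter-built .app found up to three levels below directory $1.
list_flutter_apps() {
    find "$1" -maxdepth 3 -type d -name '*.app' -prune 2>/dev/null | sort |
    while IFS= read -r lfa_app; do
        if is_flutter_app "$lfa_app"; then printf '%s\n' "$lfa_app"; fi
    done
}

# Reads `codesign -dv` output on stdin and prints the TeamIdentifier value.
team_id_from_codesign() {
    sed -n 's/^TeamIdentifier=//p' | head -n 1
}

# For each Flutter app: path, signing Team ID, Gatekeeper assessment source.
audit_flutter_apps() {
    list_flutter_apps "$1" | while IFS= read -r afa_app; do
        # codesign and spctl write their details to stderr, hence 2>&1.
        afa_team=$(codesign -dv --verbose=4 "$afa_app" 2>&1 | team_id_from_codesign)
        afa_src=$(spctl --assess --type execute -vv "$afa_app" 2>&1 |
            sed -n 's/^source=//p' | head -n 1)
        printf '%s\tteam=%s\tgatekeeper=%s\n' \
            "$afa_app" "${afa_team:-none}" "${afa_src:-unknown}"
    done
}

# codesign and spctl exist only on macOS, so the audit runs only there.
if [ "$(uname -s)" = "Darwin" ]; then
    audit_flutter_apps "${1:-/Applications}"
fi
```

A valid signature or a notarized source in this output is not proof that an app is safe, since the apps described above were distributed signed; the output is a list of what to review.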


Hafsa Tahir

Hafsa is a content marketer who has been in the organic growth space for the past three years. With her background in Psychology and UX, she enjoys reading users' minds and is keen to try the most creative product marketing angles. Her copies scream: "you're not just a paycheck to us". Loves to crack unfunny jokes, pay gym fee and not go, and write psychologically disturbing short stories for some reason.
