Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems

silversurfer

silversurfer

Super Moderator
Thread author
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,072
Content source
https://thehackernews.com/2023/05/hackers-using-golang-variant-of-cobalt.html
A Golang implementation of Cobalt Strike called Geacon is likely to garner the attention of threat actors looking to target Apple macOS systems.

The findings come from SentinelOne, which observed an uptick in the number of Geacon payloads appearing on VirusTotal in recent months.

"While some of these are likely red-team operations, others bear the characteristics of genuine malicious attacks," security researchers Phil Stokes and Dinesh Devadoss said in a report.

Cobalt Strike is a well-known red teaming and adversary simulation tool developed by Fortra. Owing to its myriad post-exploitation capabilities, illegally cracked versions of the software have been abused by threat actors over the years.

While post-exploitation activity associated with Cobalt Strike has primarily singled out Windows, such attacks against macOS are something of a rarity.
Click to expand...


www.sentinelone.com

Geacon Brings Cobalt Strike Capabilities to macOS Threat Actors

An uptick in malicious macOS payloads contain Cobalt Strike Beacons written in Go and derived from a Chinese open-source repository.
www.sentinelone.com www.sentinelone.com
 
  • +Reputation
  • Like
  • Wow
Reactions: Daniel Hidalgo, upnorth, MuzzMelbourne and 4 others
MuzzMelbourne

MuzzMelbourne

Level 15
Verified
Top Poster
Well-known
Mar 13, 2022
599
I guess I can buy the advertised solution or wait for an Apple security update for free...

In the old days, we called these articles Advertorials.
 
You must log in or register to reply here.

Similar threads

silversurfer
    • Like
    • +Reputation
Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection
Replies
0
Views
741
News Archive
silversurfer
silversurfer
Gandalf_The_Grey
    • Like
    • +Reputation
Ransomware gangs, APT groups ditch Cobalt Strike for Brute Ratel
Replies
1
Views
1,069
News Archive
Andy Ful
Andy Ful
M
    • Like
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
Replies
0
Views
418
Microsoft Defender
Microsoft Threat Intelligence
M

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top