Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems


Level 85
Thread author
Honorary Member
Top Poster
Content Creator
Malware Hunter
Aug 17, 2014
A Golang implementation of Cobalt Strike called Geacon is likely to garner the attention of threat actors looking to target Apple macOS systems.

The findings come from SentinelOne, which observed an uptick in the number of Geacon payloads appearing on VirusTotal in recent months.

"While some of these are likely red-team operations, others bear the characteristics of genuine malicious attacks," security researchers Phil Stokes and Dinesh Devadoss said in a report.

Cobalt Strike is a well-known red teaming and adversary simulation tool developed by Fortra. Owing to its myriad post-exploitation capabilities, illegally cracked versions of the software have been abused by threat actors over the years.

While post-exploitation activity associated with Cobalt Strike has primarily singled out Windows, such attacks against macOS are something of a rarity.



Level 15
Top Poster
Mar 13, 2022
I guess I can buy the advertised solution or wait for an Apple security update for free...

In the old days, we called these articles Advertorials.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.