Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems

silversurfer

A Golang implementation of Cobalt Strike called Geacon is likely to garner the attention of threat actors looking to target Apple macOS systems.

The findings come from SentinelOne, which observed an uptick in the number of Geacon payloads appearing on VirusTotal in recent months.

"While some of these are likely red-team operations, others bear the characteristics of genuine malicious attacks," security researchers Phil Stokes and Dinesh Devadoss said in a report.

Cobalt Strike is a well-known red teaming and adversary simulation tool developed by Fortra. Owing to its myriad post-exploitation capabilities, illegally cracked versions of the software have been abused by threat actors over the years.

While post-exploitation activity associated with Cobalt Strike has primarily singled out Windows, such attacks against macOS are something of a rarity.


 

MuzzMelbourne

I guess I can buy the advertised solution or wait for an Apple security update for free...

In the old days, we called these articles Advertorials.
 
