Symbol: osx.cdds

CDDS

aka: Macma

Google TAG has observed this malware being delivered via watering hole attacks using 0-day exploits, targeting visitors to Hong Kong websites for a media outlet and a prominent pro-democracy labor and political group.

References
2021-11-15, SentinelOne, Phil Stokes
Infect If Needed | A Deeper Dive Into Targeted Backdoor macOS.Macma
https://www.sentinelone.com/labs/infect-if-needed-a-deeper-dive-into-targeted-backdoor-macos-macma/ (accessed 2021-11-17)

2021-11-11, Google, Erye Hernandez, Google Threat Analysis Group
Analyzing a watering hole campaign using macOS exploits
https://blog.google/threat-analysis-group/analyzing-watering-hole-campaign-using-macos-exploits/ (accessed 2021-11-17)

2021-11-11, Objective-See, Patrick Wardle
OSX.CDDS a sophisticated watering hole campaign drops a new macOS implant!
https://objective-see.com/blog/blog_0x69.html (accessed 2021-11-17)

There is no Yara-Signature yet.