SYMBOLCOMMON_NAMEaka. SYNONYMS
osx.rustbucket (Back to overview)

RustBucket

Actor(s): Lazarus Group

There is no description at this point.

References
2023-07-05SentinelOnePhil Stokes
@online{stokes:20230705:bluenoroff:15e17f0, author = {Phil Stokes}, title = {{BlueNoroff | How DPRK’s macOS RustBucket Seeks to Evade Analysis and Detection}}, date = {2023-07-05}, organization = {SentinelOne}, url = {https://www.sentinelone.com/blog/bluenoroff-how-dprks-macos-rustbucket-seeks-to-evade-analysis-and-detection/}, language = {English}, urldate = {2023-07-08} } BlueNoroff | How DPRK’s macOS RustBucket Seeks to Evade Analysis and Detection
RustBucket
2023-06-29ElasticColson Wilhoit, Salim Bitam, Seth Goodwin, Andrew Pease, Ricardo Ungureanu
@online{wilhoit:20230629:dprk:e7dd437, author = {Colson Wilhoit and Salim Bitam and Seth Goodwin and Andrew Pease and Ricardo Ungureanu}, title = {{The DPRK strikes using a new variant of RUSTBUCKET}}, date = {2023-06-29}, organization = {Elastic}, url = {https://www.elastic.co/security-labs/DPRK-strikes-using-a-new-variant-of-rustbucket}, language = {English}, urldate = {2023-07-02} } The DPRK strikes using a new variant of RUSTBUCKET
RustBucket
2023-05-01JPCERT/CCShusei Tomonaga
@online{tomonaga:20230501:attack:5c3693e, author = {Shusei Tomonaga}, title = {{Attack trends related to the attack campaign DangerousPassword}}, date = {2023-05-01}, organization = {JPCERT/CC}, url = {https://blogs.jpcert.or.jp/ja/2023/05/dangerouspassword.html}, language = {English}, urldate = {2023-07-11} } Attack trends related to the attack campaign DangerousPassword
RustBucket CageyChameleon Cur1Downloader SnatchCrypto
2023-04-21Jamf BlogFerdous Saljooki, Jaron Bradley
@online{saljooki:20230421:bluenoroff:68aef87, author = {Ferdous Saljooki and Jaron Bradley}, title = {{BlueNoroff APT group targets macOS with ‘RustBucket’ Malware}}, date = {2023-04-21}, organization = {Jamf Blog}, url = {https://www.jamf.com/blog/bluenoroff-apt-targets-macos-rustbucket-malware/}, language = {English}, urldate = {2023-04-25} } BlueNoroff APT group targets macOS with ‘RustBucket’ Malware
RustBucket

There is no Yara-Signature yet.