Mac OS Hit With DazzleSpy Malware, Hong Kong And Watering Holes Involved

Published: May 29, 2022 on our newsletter Security Fraud News & Alerts Newsletter.



Those who breathe a little easier thinking their Mac is grounded in security and free from most malware attacks should seriously consider revisiting that thought. Cybercrimes aren’t limited to Android devices and Windows systems anymore; not that they ever were. However, a recent discovery of new cyber-espionage malware attacks against macOS should shake Apple fans to their core. This malware, dubbed DazzleSpy by ESET, has links to Hong Kong, watering holes, and activists, helping give us a bird’s eye view into this spyware and its attacks on Macs.


As the market share for macOS devices continues growing, hackers are increasingly setting their sights on them, and DazzleSpy attackers are no different. And with China being a country that’s elevated cyber-espionage to an art form, you can bet DazzleSpy is a highly effective spyware.


Hong Kong started the botnet’s attack chain by luring pro-democracy activists to the watering holes (sites where users gather to discuss common interests) to monitor their devices and leverage web browser exploits. The attack chain also included compromising the pro-democracy internet radio station D100 Radio in Hong Kong. That’s when D100 Radio listeners had malicious inline frames (iframes) injected into the activists’ devices at their watering hole. This allowed the installation of DazzleSpy, the new macOS backdoor cyber-espionage malware, on their Mac devices, ESET reports.



ESET researchers found that DazzleSpy’s features include data exfiltration, system data theft, starting or stopping remote screen use, and iCloud Keychain data dumps before removing all traces of itself from the infected device.


DazzleSpy Truly Dazzles


Since DazzleSpy’s attack vectors within the U.S. are currently a question mark, smart money is on email phishing. Information Technology and Services company Tessian finds 96% of malware arrives via phishing email, 3% use malicious websites, and 1% use a phone. With email being the clear frontrunner, a review of anti-phishing precautions is always helpful.


Common sense still rules as the overall best approach to email phishing, along with using “think before you click” as a mantra. First, check the email sender. If you don’t recognize them, and/or the greeting is generic, that’s a big red flag. If the sender provides contact information like a phone number or website, don’t use it. Chances are it’s a hacker setup and you could be calling the hacker or their helpers directly. Instead, do an online search to see if they’re legit.


Don’t open links or attachments as they can be malware-filled. Remember, one bad click can take down an entire data system. Always check for poor grammar, spelling and bad graphics, a sure sign the email sender isn’t who they claim to be. Lastly, keep all device software updated, especially anti-virus. Updates often include fixes to security bugs and keep your device safer overall. So, always use your “Spidey-Sense” to check for email phishing because you never know when they’ll hit your inbox, and there may come a time you’ll be very glad you did.

