Apple macs are under cyber-siege

Jul 27 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that sees through cybercriminalsโ€™ lies ๐Ÿ‘€ Along with deepstate lies. Like the latest UFO revelations on #CapitolHill. What are they trying to distract us from this time, eh?! ๐Ÿค”๐Ÿ˜ณ๐Ÿ˜‚

Todayโ€™s hottest cyber security stories:

  • โ€๐Ÿ’ป macOS attack! Apple macs are under cyber-siege! Protect yoโ€™ self, yo ๐Ÿ›ก๏ธ

  • โ˜ญ North Korean state-backed hackers left with egg ๐Ÿœ on face following OPSEC blunder ๐Ÿคฆ๐Ÿฝ

  • ๐Ÿ‘ค Rust-based โ€˜Realstโ€™ infostealer targets macOS users' crypto wallets ๐Ÿ’ฐ

Hackers make the macOSa nostra an offer they canโ€™t refuse ๐ŸคŒ

๐Ÿ“ฐ Mac Security Alert! Rising Threats to macOS ๐Ÿšจ

๐ŸŽ As the number of macOS users grows, hackers are increasingly targeting Apple's operating system, putting users at risk! ๐Ÿ˜ฑ

๐Ÿ”’ Macs Aren't Immune! ๐Ÿ”’

Contrary to popular belief, Mac devices are not invulnerable to hacking and malware. Hackers are getting more inventive, and recent attacks like "Geacon" Cobalt Strike tool have wreaked havoc. Data theft, device control, and privacy breaches threaten Mac users.

๐Ÿ•ต๏ธโ€โ™€๏ธ Malware on the Prowl! ๐Ÿ•ต๏ธโ€โ™‚๏ธ

MacStealer, CloudMensis, and JockerSpy are among the dangerous malware attacking macOS. They steal sensitive data, access personal information, and compromise security through emails and deceptive websites. ๐Ÿ˜จ

๐ŸŒ Global Threats! ๐ŸŒ

Even state-sponsored hacking groups like North Korea's Lazarus Group have their eyes on Apple Macs. It's a wake-up call for those who thought they were safe from attacks! โš ๏ธ

๐Ÿ“Š Mac Security Survey 2023 ๐Ÿ“Š

Moonlock's team, dedicated to Mac cybersecurity, conducted a survey to understand user awareness and behaviour. The results are shocking! ๐Ÿ˜ฎ

๐Ÿ’ญ Cybersecurity Myths Persist ๐Ÿ’ญ

Many Mac users still underestimate the risks, believing malware doesn't exist on macOS. But attacks are real and dangerous!

๐Ÿ” Awareness vs. Risky Behaviour ๐Ÿ”

Over 50% of respondents have experienced hacking, fraud, or malware incidents. Shockingly, 22% use the same password for multiple accounts, and 31% skip software updates! ๐Ÿ˜ต

โš ๏ธ Time to Strengthen Mac Security! โš ๏ธ

With macOS under attack, it's crucial to stay vigilant and take cybersecurity seriously. Let's protect our beloved Macs from these ever-growing threats! ๐Ÿ’ช

Stay safe and secure! ๐Ÿ›ก๏ธ๐Ÿ”’

I came across ZZZ money club during the crypto market bull run when everyoneโ€™s a winner, even during the bear market this discord group has been amazing at giving information on projects and ways to make passive income in various ways.

The group is very active and everyone in this private discord group is very chatty and helpful.

Its run by Yourfriendandy and Decadeinvestor, you can find them here on YouTube, both top guys with great content.

If you are interested in joining the group you can through the link below.

Uh-oh! Time for a Korea change? ๐Ÿ˜

๐Ÿ“ฐ North Korean Hackers Exposed: JumpCloud Breach Unveiled! ๐Ÿ•ต๏ธโ€โ™‚๏ธ๐Ÿ’ป

The Reconnaissance General Bureau (RGB) of North Korea has been linked to the recent JumpCloud hack, all thanks to an operational security (OPSEC) mistake that revealed their true IP address. ๐Ÿ˜ฑ

๐Ÿ” Mandiant, Google-owned threat intelligence firm, identified the threat actor as UNC4899, which has connections with Jade Sleet and TraderTraitor groups, known for targeting blockchain and cryptocurrency sectors. UNC4899 also overlaps with APT43, a hacking crew from DPRK involved in intelligence gathering and cryptocurrency theft.

๏ฟฝ๏ฟฝ๏ธโ€โ™€๏ธ Modus Operandi Revealed ๐Ÿ•ต๏ธโ€โ™‚๏ธ

The attackers used Operational Relay Boxes (ORBs) with L2TP IPsec tunnels and commercial VPN providers to disguise their origins. However, an oversight led to the exposure of their 175.45.178[.]0/24 subnet during the breach.

๐Ÿ“… Date of Attack ๐Ÿ“…

The intrusion occurred on June 22, 2023, through a sophisticated spear-phishing campaign. This allowed the hackers to breach less than five customers and fewer than ten systems in a software supply chain attack.

Stay vigilant against such threats! ๐Ÿ”’๐Ÿ’ช

๐Ÿ—ž๏ธ Extra, Extra! Read all about itย ๐Ÿ—ž๏ธ

Each fortnite, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • ๐Ÿ’ธย The MoneyFitt Morning: A daily heads-up on what's important in investing & business. Loved by investors of all levels.

  • ๐Ÿ“ˆย Trends.vc: Discover new markets and ideas. Join 55,248 founders using this free newsletter to stay ahead.

  • ๐Ÿ˜ˆย The API Hacker Inner Circle: Join a community of developers, testers, and hackers who are upskilling their API hacking tradecraft.

Let us know what you think!

MacOS users, itโ€™s time to get โ€˜Realsticโ€™ ๐Ÿ˜ฌ Or notโ€ฆ

๐Ÿ“ฐ New Realst Malware Targets macOS: Protect Your Crypto! ๐Ÿ’ป๐Ÿ›ก๏ธ

Attention macOS users! A dangerous new malware family, Realst, is on the prowl, specifically targeting Apple systems, including the upcoming macOS 14 Sonoma. ๐Ÿ˜ฑ So-No!

๐ŸŒ Notable Targets ๐ŸŒ

Realst targets popular web browsers like Brave, Google Chrome, Mozilla Firefox, Opera, and Vivaldi. However, Apple Safari remains an exception. The malware can also snoop on Telegram and take screenshots.

๐Ÿ” How it Works ๐Ÿ”

Written in Rust programming language, Realst disguises itself as fake blockchain games like Brawl Earth, WildWorld, and more. Once installed, it can "empty crypto wallets and steal stored passwords and browser data" on both Windows and macOS devices. ๐Ÿ˜จ

๐Ÿ’ป The Modus Operandi ๐Ÿ’ป

Realst Infostealer spreads through malicious websites promoting these phoney games. Cybercriminals even use direct messages on social media, tricking users into testing the games for "paid collaborations." But beware, it's a trap! ๐Ÿšจ

Once executed, the malware wreaks havoc on your crypto wallets and sensitive information ๐Ÿ’€๐Ÿ’€๐Ÿ’€

๐Ÿ›ก๏ธ Top Tips:

  • Make sure to stay cautious while downloading games and apps. Only trust official sources, and be wary of unexpected messages offering paid collaborations.

  • Keep your security software up-to-date to safeguard against this growing threat.

  • Stay safe, cyber-squad, and protect your crypto assets! ๐Ÿ’ช๐Ÿ”’

So long and thanks for reading all the phish!

Recent articles