TLDR:
- Hackers are targeting macOS users through the messaging platform WeChat.
- The malware, known as HZ Rat, gathers data and has the potential for lateral movement within networks.
In a recent development, cybersecurity researchers at Kaspersky Lab identified the HZ Rat backdoor attacking macOS users via the messaging platform WeChat. This malware, originally targeting Windows users, has now expanded to target macOS, utilizing shell scripts received from C2 servers to gather system information and potentially move laterally within networks. The backdoor closely resembles the Windows variant, suggesting the attackers’ specific objectives and capabilities. The full extent of HZ Rat’s capabilities and the attackers’ goals remain speculative, highlighting the need for heightened security measures to protect macOS users from cyber threats.