Bleeping Computer

Hackers use macOS extended file attributes to hide malicious code

Hackers are using a novel technique that abuses extended attributes for macOS files to deliver a new trojan that researchers call RustyAttr. The threat actor is hiding malicious code in custom file ...
Infosecurity-magazine.com

Lazarus Group Uses Extended Attributes for Code Smuggling in macOS

A new technique by the Lazarus Advanced Persistent Threat (APT) group has been used by the threat actor to smuggle malicious code onto macOS systems, using custom extended attributes. This innovative ...