New DazzleSpy malware attacks macOS

From blog.malwarebytes.com

New DazzleSpy malware attacks macOS

DazzleSpy, a piece of malware that attacks macOS, was discovered last fall by researchers at ESET, and now those researchers have released more detailed findings.

DazzleSpy, according to the researchers at ESET, was being spread via watering hole attacks via pro-democracy websites in China. It infected machines using a combination of two vulnerabilities, one in WebKit (the framework that powers Safari) and one in macOS (a privilege escalation vulnerability).

Now, if this sounds familiar, it’s because you’ve been paying attention—this is exactly the same technique as that used by the CDDS (aka Macma) malware that was described by Google in November, even down to spreading through Chinese pro-democracy sites.

Read more…