Jamf Blog
January 26, 2022 by Matthias Wollnik

Jamf protects against DazzleSpy backdoor malware making the rounds

Jamf Threat Labs updates Jamf Protect to completely prevent DazzleSpy from threatening the security of your macOS fleet.

Threat: DazzleSpy

ESET published an in-depth analysis into a newly discovered backdoor targeted at macOS.

Affects: DazzleSpy is known to affect macOS devices via a MachO binary.

Detected by: Jamf Protect detects DazzleSpy as part of the PlistDisguisedAsApple analytic.

Prevented by: Jamf Protect prevents DazzleSpy from running through Threat Prevention as of 1/25/2022.

Threat Defense prevents communication with all known C2 servers and URLs as of 1/26/2022.

IOCs (as published by ESET):


Web exploit URLs

Detection Content

Files and directories:

Mesmerized by the sheer number of macOS threats targeting your enterprise?

Jamf has your back by keeping your Mac fleet secured and sensitive data protected against existing and emerging threats.

Photo of Matthias Wollnik
Matthias Wollnik
Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.