ESET published an in-depth analysis of a newly discovered backdoor targeting macOS.
Affects: DazzleSpy is known to affect macOS devices via a Mach-O binary.
Detected by: Jamf Protect detects DazzleSpy as part of the PlistDisguisedAsApple analytic.
Prevented by: Jamf Protect prevents DazzleSpy from running through Threat Prevention as of 1/25/2022.
Threat Defense prevents communication with all known C2 servers and URLs as of 1/26/2022.
IOCs (as published by ESET):
Web exploit URLs:
Files and directories:
Mesmerized by the sheer number of macOS threats targeting your enterprise?
Jamf has your back by keeping your Mac fleet secured and sensitive data protected against existing and emerging threats.