ESET published an in-depth analysis of a newly discovered backdoor targeting macOS.
Affects: DazzleSpy is known to affect macOS devices via a Mach-O binary.
Detected by: Jamf Protect detects DazzleSpy as part of the PlistDisguisedAsApple analytic.
Prevented by: Jamf Protect prevents DazzleSpy from running through Threat Prevention as of 1/25/2022.
Threat Defense prevents communication with all known C2 servers and URLs as of 1/26/2022.
IOCs (as published by ESET):
Web exploit URLs
Files and directories:
Mesmerized by the sheer number of macOS threats targeting your enterprise?
Jamf has your back by keeping your Mac fleet secured and sensitive data protected against existing and emerging threats.