IOC pivot
ioc · domain
cloud[.]dnx[.]capital
KP · DPRK
BlueNoroff
confidence · high
C2 domain associated with the RustBucket macOS malware family attributed to BlueNoroff in Jamf Threat Labs' April 2023 disclosure. The malware was delivered via a backdoored 'Internal PDF Viewer' application targeting finance-sector users.
- family: RustBucket
- first seen: Apr 20, 2023
- publisher: Jamf Threat Labs