Thursday, May 12, 2022

Patrick Wardle - From the DPRK With Love


If you are a Mac user and you are not yet familiar with Patrick Wardle, I'd highly recommend you check out his blog and his work. He is a security consultant and pretty much the crème de la crème of Mac experts. His blog can be found at this link.

Patrick has devoted himself to the study of Mac malware, even going so far as to find vulnerabilities in both applications and the Mac Operating System itself. He also runs a 501(c)(3) foundation devoted to the study of and solutions to Mac problems and malware.

Through his foundation "Objective-See" he also releases tools/applications that help Mac users monitor vital functions, locate unwelcome processes, and become aware of potential "bad things" happening in places most of us would never look. Oh, and did I mention that he provides these tools for FREE?

Patrick has a long history of working in the security arena and he's one of those individuals who, when he speaks, the industry listens... and rightly so.

On a personal note, I've never met Patrick face to face, but we've corresponded a bit and I've come away impressed. It's a given that a guy like this is smart. However, it's rare these days to find someone who is doing the right thing simply because it's the right thing to do. Because of that, I highly recommend supporting Patrick through Patreon. That allows him to continue the good fight and to help provide the community with high-quality and effective tools.

Now on to the heart of today's post. If you follow the security industry and read what's been going on the past few months, you've seen that North Korea has put a lot of effort into trying to compromise security researchers in order to learn better ways to break into systems. North Korea is under an incredible number of sanctions that limit its ability to earn money that the country wants to spend on its nuclear weapons program.

The North Korean economy is floundering and because of that, their government-sponsored hackers have been working hard to break into banks and basically find any way possible to bring money into North Korean coffers.

The latest efforts they've put forth are in the areas of cryptocurrency and the blockchain. Obviously their hope is to make off with cash from different sources. These attempts to steal crypto and hack the blockchain were publicized by the U.S. Cybersecurity & Infrastructure Security Agency (often abbreviated as CISA). Objective-See has analyzed the Mac parts of this and Patrick has posted his analysis.

He recently put up a blog post about this situation which is a fascinating read.
