Security researchers have identified a new macOS backdoor potentially linked to the OceanLotus threat group, also known as “APT 32”, “SeaLotus” and “Cobalt Kitty” to name a few.
According to the Trend Micro report, OceanLotus targets macOS computers that have Perl programming installed. The group was previously responsible for cyber campaigns and targeted attacks against human rights organizations, media organizations, research institutes, and maritime construction firms.
The backdoor was found in a malicious Word document likely sent via phishing campaign.