July 25, 2024, 3:16 p.m.
Chinese hackers target Mac users with boosted Macma malware

Daggerfly updates Macma to target NGOs in China and commercial firms in Taiwan.

Chinese cybercriminals known as Daggerfly have been observed targeting macOS users with an updated version of their proprietary malware. Macma is a modular backdoor whose key functions include device fingerprinting, executing commands, screen grabbing, keylogging, audio capture, and uploading and downloading files on compromised systems. The discovery of recent Macma variants is a testament to "ongoing development", the researchers further explained, saying that they also observed a second version of Macma containing incremental updates to the existing functionality. Daggerfly was apparently using Macma against organizations in Taiwan and an American non-government organization in China. In the past, MgBot was seen in targeted attacks, mostly because it was exceptionally good at evading detection while remaining persistent. Finally, Daggerfly used a Windows backdoor called Trojan.Suzafk, which was developed using the same shared library used in MgBot, Macma, and a number of other Daggerfly tools, Symantec added.
