Protesters in Hong Kong were tricked into visiting a compromised pro-democracy radio station website that delivered DazzleSpy malware through a Safari exploit.
IT security researchers at ESET have reported a new macOS malware strain used in targeted attacks against visitors of a fake pro-democracy radio station website (fightforhk[.]com) in Hong Kong. The cyber-espionage malware is dubbed DazzleSpy, and it targets macOS devices in watering-hole attacks.
It is worth noting that the malicious website was originally identified by Félix Aimé, an IT security researcher. Félix noted that the website was created from scratch with the sole purpose of spreading malware.
According to researchers, DazzleSpy is basically a backdoor that helps carry out surveillance on a compromised Mac device. The malware is delivered through a Safari browser exploit and used against pro-democracy and politically active people residing in Hong Kong.
Reportedly, a previously identified zero-day flaw was exploited to conduct watering-hole attacks and install a backdoor on the iOS/macOS devices of users who visited pro-democracy websites in Hong Kong.
According to ESET, in this case the website was used to carry out a watering-hole attack and serve a Safari browser exploit to visitors, which leads to the deployment and