RustBucket (Malware Family)
By Fraunhofer FKIE
Archived: 2026-04-05 19:26:21 UTC
osx.rustbucket (Back to overview)
RustBucket
Actor(s): Lazarus Group
There is no description at this point.
References
2023-12-05 ⋅ Kaspersky Labs ⋅ Sergey Puzan
BlueNoroff: new Trojan attacking macOS users
RustBucket
2023-11-27 ⋅ SentinelOne ⋅ Phil Stokes
DPRK Crypto Theft | macOS RustBucket Droppers Pivot to Deliver KandyKorn Payloads
HLOADER KANDYKORN RustBucket SUGARLOADER
2023-11-20 ⋅ PWC ⋅ Sveva Vittoria Scenarelli
King of Thieves: Black Alicanto and the Ecosystem of North Korea-Based Cyber Operations
RustBucket CageyChameleon RustBucket
2023-07-05 ⋅ SentinelOne ⋅ Phil Stokes
BlueNoroff | How DPRK’s macOS RustBucket Seeks to Evade Analysis and Detection
RustBucket
2023-06-29 ⋅ Elastic ⋅ Andrew Pease, Colson Wilhoit, Ricardo Ungureanu, Salim Bitam, Seth Goodwin
The DPRK strikes using a new variant of RUSTBUCKET
RustBucket
2023-05-01 ⋅ JPCERT/CC ⋅ Shusei Tomonaga
Attack trends related to the attack campaign DangerousPassword
RustBucket CageyChameleon Cur1Downloader SnatchCrypto
2023-04-21 ⋅ Jamf Blog ⋅ Ferdous Saljooki, Jaron Bradley
BlueNoroff APT group targets macOS with ‘RustBucket’ Malware
RustBucket
https://malpedia.caad.fkie.fraunhofer.de/details/osx.rustbucket
Page 1 of 2

There is no Yara-Signature yet.
Source: https://malpedia.caad.fkie.fraunhofer.de/details/osx.rustbucket
https://malpedia.caad.fkie.fraunhofer.de/details/osx.rustbucket
Page 2 of 2