| Field | Value |
| --- | --- |
| Names | Macma, MacMa, CDDS, DazzleSpy |
| Category | Malware |
| Type | Backdoor, Info stealer, Credential stealer, Exfiltration |
| Description | (Symantec) Macma is a macOS backdoor that was first documented by Google in 2021 but appears to have been used since at least 2019. At the time of discovery, it was being distributed in watering hole attacks involving compromised websites in Hong Kong. The watering holes contained exploits for iOS and macOS devices. Users of macOS devices were targeted with a privilege escalation vulnerability (CVE-2021-30869) which allowed the attackers to install Macma on vulnerable systems. Macma is a modular backdoor. Functionality includes: device fingerprinting, executing commands, screen capture, keylogging, audio capture. |
| Information | <https://symantec-enterprise-blogs.security.com/threat-intelligence/daggerfly-espionage-updated-toolset> |
| MITRE ATT&CK | <https://attack.mitre.org/software/S1016> |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/osx.cdds> |
Last change to this tool card: 27 August 2024
APT groups

| Changed | Name | Country | Observed |
| --- | --- | --- | --- |
|  | Bronze Highland |  | 2012-Jul 2024 |

1 group listed (1 APT, 0 other, 0 unknown)