North Korea's Lazarus Group has leveraged the backdoored PDF reader app SwiftLoader used in the RustBucket campaign to facilitate the deployment of the KANDYKORN macOS malware in a bid to better evade detection, according to The Hacker News.
Article Link: Malware attack techniques combined in new North Korean macOS intrusions | SC Media