ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "When macOS gets frostbite."
Episode Synopsis
Jaron Bradley, Director of Jamf Threat Labs, is sharing their work on "ChillyHell: A Deep Dive into a Modular macOS Backdoor." Jamf Threat Labs uncovers a newly notarized macOS backdoor called ChillyHell, tied to past UNC4487 activity and disguised as a legitimate applet.
The malware showcases robust host profiling, multiple persistence mechanisms, timestomping, and flexible C2 communications over both DNS and HTTP. Its modular design includes reverse shells, payload delivery, self-updates, and a brute-force component targeting user credentials.
The research can be found here:
ChillyHell: A Deep Dive into a Modular macOS Backdoor
Learn more about your ad choices. Visit megaphone.fm/adchoices
The malware showcases robust host profiling, multiple persistence mechanisms, timestomping, and flexible C2 communications over both DNS and HTTP. Its modular design includes reverse shells, payload delivery, self-updates, and a brute-force component targeting user credentials.
The research can be found here:
ChillyHell: A Deep Dive into a Modular macOS Backdoor
Learn more about your ad choices. Visit megaphone.fm/adchoices
More episodes of the podcast Research Saturday
The lies that let AI run amok.
20/12/2025
Root access to the great firewall.
13/12/2025
A new stealer hiding behind AI hype.
29/11/2025
Two RMMs walk into a phish…
22/11/2025
When clicks turn criminal.
15/11/2025
A fine pearl gone rusty.
08/11/2025
Attack of the automated ops.
01/11/2025
A look behind the lens.
25/10/2025
Smile for the malware.
18/10/2025
No honor among thieves.
11/10/2025
In God we trust