Skip to content

Hide Navigation Hide TOC

MacMa (7e5a643d-ebfd-4ec6-9fdc-79d6f47fafdb)

MacMa is a macOS-based backdoor with a large set of functionalities to control and exfiltrate files from a compromised computer. MacMa has been observed in the wild since November 2021.[ESET DazzleSpy Jan 2022] MacMa shares command and control and unique libraries with MgBot and Nightdoor, indicating a relationship with the Daggerfly threat actor.[Symantec Daggerfly 2024]

Cluster A Galaxy A Cluster B Galaxy B Level
Daggerfly (f0dab388-1641-50aa-b0b2-6bdb816e0490) Tidal Groups MacMa (7e5a643d-ebfd-4ec6-9fdc-79d6f47fafdb) Tidal Software 1