MacMa (7e5a643d-ebfd-4ec6-9fdc-79d6f47fafdb)
MacMa is a macOS-based backdoor with a large set of capabilities to control and exfiltrate files from a compromised computer. MacMa has been observed in the wild since November 2021.[ESET DazzleSpy Jan 2022] MacMa shares command and control and unique libraries with MgBot and Nightdoor, indicating a relationship with the Daggerfly threat actor.[Symantec Daggerfly 2024]
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Daggerfly (f0dab388-1641-50aa-b0b2-6bdb816e0490) | Tidal Groups | MacMa (7e5a643d-ebfd-4ec6-9fdc-79d6f47fafdb) | Tidal Software | 1 |