Warning: New secret “RustDoor” backdoor is targeting Apple macOS devices

Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar ...

by Vikash Kumawat
3 comments 687 views

Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023.

The backdoor has been named RustDoor by Bitdefender, which impersonates an update to Microsoft Visual Studio and targets both Intel and Arm architectures.

The exact initial access path used to disseminate the implant is not currently known, although it is said to be distributed as FAT binaries containing Mac-O files.

Several variants of the malware with minor modifications have been detected to date, possibly indicating active development. The earliest sample of Rustdoor is dated November 2, 2023.

It comes with a wide range of commands that allow it to collect and upload files and obtain information about the compromised endpoint.

Some versions also include configuration with details on what data to collect, a list of targeted extensions and directories, and directories to exclude.

The captured information is then sent to a command-and-control (C2) server.

The Romanian cybersecurity firm said the malware is likely linked to major ransomware families such as BlackBasta and BlackCat due to overlap in C2 infrastructure.

“ALPHV/BlackCat is a ransomware family (also written in Rust) that first appeared in November 2021 and pioneered the public leak business model,” said security researcher Andrei Lapusneau.

In December 2023, the US government announced that it had removed the BlackCat ransomware operation and released a decryption tool that more than 500 affected victims could use to regain access to files locked by the malware.

You may also like

3 comments

streameast September 16, 2024 - 6:17 pm

of course like your website but you have to check the spelling on several of your posts A number of them are rife with spelling issues and I in finding it very troublesome to inform the reality on the other hand I will certainly come back again

Reply
twinklecrest September 18, 2024 - 2:43 pm

Hi i think that i saw you visited my web site thus i came to Return the favore Im attempting to find things to enhance my siteI suppose its ok to use a few of your ideas

Reply
guitar September 30, 2024 - 9:08 am

helloI like your writing very so much proportion we keep up a correspondence extra approximately your post on AOL I need an expert in this space to unravel my problem May be that is you Taking a look forward to see you

Reply

Leave a Comment

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?
-
00:00
00:00
Update Required Flash plugin
-
00:00
00:00