New RustDoor macOS malware impersonates Visual Studio update

A new Rust-based macOS malware, spreading as a Visual Studio update, provides backdoor access to compromised systems and uses infrastructure linked to the infamous ALPHV/BlackCat ransomware gang.
Written in Rust, the malware can run on Intel-based and ARM architectures, say researchers at cybersecurity company Bitdefender, who are tracking it as RustDoor.
While analyzing RustDoor, malware researchers at Bitdefender discovered that the malware communicated with four command and control servers.
In a report this week, the researchers say that RustDoor has commands to control the compromised system and to exfiltrate data, and it can persist on the device by modifying system files.
Its commands include:
- Mkdir: Creates a new directory, useful for organizing stolen data or malware components.
- Download: Retrieves files from a remote server, used for bringing additional malware components or updates onto the infected system.