New RustDoor macOS malware impersonates Visual Studio update
A new Rust-based macOS malware spreading as a Visual Studio update to provide backdoor access to compromised systems uses infrastructure linked to the infamous ALPHV/BlackCat ransomware gang.
Written in Rust, the malware can run on Intel-based and ARM architectures, say researchers at cybersecurity company Bitdefender, who are tracking it as RustDoor.
While analyzing RustDoor, malware researchers at Bitdefender discovered that the malware communicated with four command and control servers.
In a report this week, the researchers say that RustDoor has commands to control the compromised system and to exfiltrate data, and it can persist on the device by modifying system files. Its commands include:
- Mkdir: Creates a new directory, useful for organizing stolen data or malware components.
- Download: Retrieves files from a remote server, used for bringing additional malware components or updates onto the infected system.