Security News > 2024 > February > New RustDoor macOS malware impersonates Visual Studio update
A new Rust-based macOS malware spreading as a Visual Studio update to provide backdoor access to compromised systems uses infrastructure linked to the infamous ALPHV/BlackCat ransomware gang.
Written in Rust, the malware can run on Intel-based and ARM architectures, say researchers at cybersecurity company Bitdefender, who are tracking it as RustDoor.
While analyzing RustDoor, malware researchers at Bitdefender discovered that the malware communicated with four command and control servers.
In a report this week, the researchers say that RustDoor has commands to control the compromised system and to exfiltrate data, and it can persist on the device by modifying system files.
Mkdir: Creates a new directory, useful for organizing stolen data or malware components.
Download: Retrieves files from a remote server, used for bringing additional malware components or updates onto the infected system.