Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023.
The backdoor, codenamed RustDoor by Bitdefender, has been found to impersonate an update for Microsoft Visual Studio and target both Intel and Arm architectures.
The exact initial access pathway used to propagate the implant is currently not known, although it’s said to be distributed as FAT binaries that contain Mach-O files.
Some versions also include configurations with details about what data to collect, the list of targeted extensions and directories, and the directories to exclude.
The captured information is then exfiltrated to a command-and-control (C2) server.
The Romanian cybersecurity firm said the malware is likely linked to prominent ransomware families like Black Basta and BlackCat owing to overlaps in C2 infrastructure.
In December 2023, the U.S. government announced that it took down the BlackCat ransomware operation and released a decryption tool that more than 500 affected victims can use to regain access to files locked by the malware.
Source: https://thehackernews.com/
