Novel RustDoor macOS malware fueled by ransomware infrastructure

Three command-and-control servers previously linked to the ALPHV/BlackCat and Black Basta ransomware operations have been leveraged to support the novel Rust-based RustDoor backdoor, which has spoofed Visual Studio to compromise macOS devices and exfiltrate files since November, according to SecurityWeek. Bitdefender researchers discovered three variants of the RustDoor malware. The latest version features a complicated JSON configuration, larger files, and an AppleScript that enables document exfiltration: documents from certain folders are copied to a hidden folder and compressed before delivery to the C2 server.

Source: SC Magazine

 

