Facebook Twitter Instagram
    • Privacy Policy
    • Contact Us
    Facebook Twitter Instagram Pinterest Vimeo
    AI Home SecurityAI Home Security
    • Home
    • Home Security
    • Cyber Security
    • Biometric Technology
    Contact
    AI Home SecurityAI Home Security
    Cyber Security

    New Stealthy “RustDoor” Backdoor Targeting Apple macOS Devices

    justmattgBy justmattgFebruary 10, 2024No Comments2 Mins Read

    [ad_1]

    Feb 10, 2024NewsroommacOS Malware / Cyber Threat

    Apple macOS Devices

    Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023.

    The backdoor, codenamed RustDoor by Bitdefender, has been found to impersonate an update for Microsoft Visual Studio and target both Intel and Arm architectures.

    The exact initial access pathway used to propagate the implant is currently not known, although it’s said to be distributed as FAT binaries that contain Mach-O files.

    Multiple variants of the malware with minor modifications have been detected to date, likely indicating active development. The earliest sample of RustDoor dates back to November 2, 2023.

    It comes with a wide range of commands that allow it to gather and upload files, and harvest information about the compromised endpoint.

    Cybersecurity

    Some versions also include configurations with details about what data to collect, the list of targeted extensions and directories, and the directories to exclude.

    The captured information is then exfiltrated to a command-and-control (C2) server.

    The Romanian cybersecurity firm said the malware is likely linked to prominent ransomware families like Black Basta and BlackCat owing to overlaps in C2 infrastructure.

    “ALPHV/BlackCat is a ransomware family (also written in Rust), that first made its appearance in November 2021, and that has pioneered the public leaks business model,” security researcher Andrei Lapusneau said.

    In December 2023, the U.S. government announced that it took down the BlackCat ransomware operation and released a decryption tool that more than 500 affected victims can use to regain access to files locked by the malware.

    Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.



    [ad_2]

    Source link

    Previous ArticleMyrror Security Code-Aware and Attack-Aware SCA
    Next Article Fortinet Warns of Critical FortiOS SSL VPN Flaw Likely Under Active Exploitation
    justmattg
    • Website

    Related Posts

    Cyber Security

    Name That Toon: Last Line of Defense

    April 16, 2024
    Cyber Security

    OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

    April 16, 2024
    Cyber Security

    Middle East Cyber Ops Intensify, With Israel the Main Target

    April 16, 2024
    Add A Comment

    Leave A Reply Cancel Reply

    Facebook Twitter Instagram Pinterest
    • Privacy Policy
    • Contact Us
    AI Home Security © 2025 All rights reserved | Designed By ESmartsSolution

    Type above and press Enter to search. Press Esc to cancel.

    ↑