New macOS backdoor named RustDoor linked to Black Basta and Alphv/BlackCat ransomware
Summary: A newly discovered macOS backdoor called RustDoor has been found to be associated with the ransomware groups Black Basta and Alphv/BlackCat. The backdoor, written in Rust, has been circulating since November 2023 and supports both Intel and Arm architectures. It has multiple variants that share the same backdoor functionality. RustDoor impersonates Visual Studio and has commands to harvest and exfiltrate files and gather information about the infected machine. The backdoor uses a command-and-control (C&C) server to generate a victim ID for communication. The configuration file allows for impersonation of different applications and includes persistence mechanisms. Bitdefender, the cybersecurity firm that discovered RustDoor, found that it uses C&C servers previously associated with Black Basta and Alphv/BlackCat ransomware campaigns.
Hashtags: #macOS #RustDoor #ransomware #cybersecurity #malware #BlackBasta #Alphv #cybercrime
https://www.securityweek.com/new-macos-backdoor-linked-to-prominent-ransomware-groups/