New ‘malware’ found in MacOS that steals files by pretending to be a Visual Studio update

Rust-Based Backdoor Targeting MacOS Users: A Dangerous New Malware Threat in the Wild

Researchers from cybersecurity company Bitdefender have discovered a new type of malware targeting MacOS users. Dubbed Trojan.MAC.RustDoor, this backdoor masquerades as a Microsoft Visual Studio Code program update but is actually used to steal files from users’ computers.

Written in Rust, a relatively new programming language in the malware ecosystem, this backdoor allows cybercriminals to evade detection and analysis. The malware can be used to steal specific files or file types and then archive and upload them to a command and control center (C&C) so that malicious actors can access them.

This campaign has been active since at least November of last year and the malware has been running undetected for at least three months. To distribute itself, the malware spoofs an update to Microsoft’s Visual Studio program and uses names like ‘VisualStudioUpdater’, ‘DO_NOT_RUN_ChromeUpdates’, or ‘zshrc2’. Additionally, the malware runs on multiple types of processors and can include commands like ‘shell’, ‘cd’, ‘sleep’, ‘upload’, ‘taskkill’, or ‘dialog’ that allow cybercriminals to collect and upload files and obtain information about the infected device.

Although Bitdefender has not yet identified any known threat actor behind this campaign, they have observed similarities with ransomware ALPHV/BlackCat which also uses Rust programming language and “common domains” such as C&C infrastructure servers. This new malware poses a significant threat to MacOS users, highlighting the importance of staying vigilant and employing strong cybersecurity practices to protect against such attacks.

Leave a Reply

Lakewood Health Clinic in Staples to Welcome Cancer Center in 2022 Previous post Newly Announced Cancer Center Set to Transform Healthcare in Staples
The Hulk Reprising Role in Captain America: Brave New World Next post Mark Ruffalo Confirms Return to Marvel Cinematic Universe in Captain America: Brave New World, With Anthony Mackie and Uncertainty About Harrison Ford’s Portrayal of Thaddeus Ross