According to cybersecurity company Bitdefender, a recently discovered macOS backdoor written in Rust seems connected to the well-known ransomware families Black Basta and Alphv/BlackCat.
RustDoor is a malware that mimics Visual Studio and works with both Arm and Intel architectures. It has been around since November 2023 and has gone unnoticed for about three months. Bitdefender has discovered multiple malware variations, all of which, despite slight differences, share the same backdoor functionality. Every sample that has been examined can execute various commands to obtain information about the compromised system and to harvest and exfiltrate files.
A victim ID is created using the data and sent to a command-and-control (C&C) server for use in further communications.