New macOS Malware Disguised as Visual Studio Update Can Steal Files

Cybersecurity Concerns Rise as New macOS Malware Spreads Through Undetected Updates

A new malware targeting macOS users has been identified by researchers from cybersecurity company Bitdefender. Dubbed Trojan.MAC.RustDoor, this backdoor belongs to a previously undocumented malware family and is written in Rust, which gives its operators an advantage in evading detection and analysis. The malware can steal specific files or file types and upload them to a command-and-control (C2) server, where the attackers can retrieve them. It has been active since at least November of last year and ran undetected for three months.

The malware poses as an update to Microsoft’s Visual Studio, using file names such as ‘VisualStudioUpdater’, ‘DO_NOT_RUN_ChromeUpdates’, or ‘zshrc2’. The files are FAT binaries, meaning they can run on both Intel (x86_64) and ARM (Apple Silicon) processors. Researchers have identified several versions of the malware, with commands that let the attackers collect and upload files and gather information about the device on which the backdoor is running.
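For defenders triaging a suspect file, the FAT-binary property described above can be checked directly from the file header. The following is an added example, not code from Bitdefender or from the original article: it parses the Mach-O fat header, lists the architecture slices, and flags files that carry both slices and one of the reported names. The slice-count limit of 16 and the sample bytes are assumptions made for illustration, and a name match alone is only a reason to look closer.

```python
import struct

FAT_MAGIC = 0xCAFEBABE      # fat header with 32-bit offsets, stored big-endian
FAT_MAGIC_64 = 0xCAFEBABF   # variant with 64-bit offsets
CPU_NAMES = {0x01000007: "x86_64", 0x0100000C: "arm64", 7: "i386", 12: "arm"}
# File names reported in the article above
REPORTED_NAMES = {"VisualStudioUpdater", "DO_NOT_RUN_ChromeUpdates", "zshrc2"}
MAX_SLICES = 16             # assumed sanity limit, not a format constant


def fat_slices(data):
    """Return [(arch, offset, size)] for a fat Mach-O, or [] if it is not one."""
    if len(data) < 8:
        return []
    magic, count = struct.unpack(">II", data[:8])
    if magic not in (FAT_MAGIC, FAT_MAGIC_64):
        return []
    # Java .class files share 0xCAFEBABE; their second word is a class
    # version (45 or higher), so an implausible slice count means "not Mach-O".
    if not 0 < count <= MAX_SLICES:
        return []
    fmt = ">iiIII" if magic == FAT_MAGIC else ">iiQQII"
    step = struct.calcsize(fmt)
    slices = []
    for i in range(count):
        start = 8 + i * step
        if start + step > len(data):
            return []                      # truncated header
        cputype, _sub, offset, size = struct.unpack_from(fmt, data, start)[:4]
        if offset + size > len(data):
            return []                      # slice points outside the file
        slices.append((CPU_NAMES.get(cputype, hex(cputype)), offset, size))
    return slices


def triage(name, data):
    """True if the name was reported and the file has x86_64 and arm64 slices."""
    archs = {arch for arch, _, _ in fat_slices(data)}
    return name in REPORTED_NAMES and {"x86_64", "arm64"} <= archs


def sample_fat():
    """Constructed sample: fat header plus two 16-byte dummy slices."""
    hdr = struct.pack(">II", FAT_MAGIC, 2)
    hdr += struct.pack(">iiIII", 0x01000007, 3, 64, 16, 12)
    hdr += struct.pack(">iiIII", 0x0100000C, 0, 80, 16, 14)
    return hdr.ljust(64, b"\0") + bytes(32)


if __name__ == "__main__":
    print(fat_slices(sample_fat()), triage("zshrc2", sample_fat()))
```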

While no known threat actor is currently associated with this malware campaign, its similarities with the ALPHV/BlackCat ransomware suggest a possible connection between the macOS malware and Windows ransomware campaigns. Three of the four command-and-control servers used by this malware have been associated with previous ransomware campaigns targeting Windows customers, indicating a possible link between the two types of attacks.
