New macOS Backdoor Written in Rust Shows Possible Link with Windows Ransomware Group
ID: 16434a57-d476-5354-91ec-0fcf0399470a
STIX ID: report--16434a57-d476-5354-91ec-0fcf0399470a
Feed Name: Bitdefender Labs
Bitdefender researchers describe an active macOS backdoor family dubbed Trojan.MAC.RustDoor, written in Rust (with Go-based loaders observed), that has been distributed as fake app/binary installers since at least November 2023. The malware supports remote shell and file operations, collects system and user data (including targeted documents and Apple Notes), persists via cron, LaunchAgents, .zshrc and Dock modification, and communicates with multiple C2 endpoints offering task management and exfiltration APIs. The report includes numerous IOCs (file hashes, download domains, C2 URLs); suspected victims are in the cryptocurrency sector.
