New macOS Backdoor Written in Rust Shows Possible Link with Windows Ransomware Group
ID: cb560610-b2b2-5fb1-a3cb-3432d685bc89
STIX ID: report--cb560610-b2b2-5fb1-a3cb-3432d685bc89
Feed Name: Bitdefender Labs
Bitdefender reports a multi-variant macOS backdoor family, dubbed Trojan.MAC.RustDoor, that impersonates installers and updates to deploy a Rust-written backdoor with AppleScript-based exfiltration and Go-based environment discovery. The campaign uses multiple persistence methods and communicates with identified C2 servers whose endpoints leak victim and task data. It has been active since at least Nov 2023, with victims including cryptocurrency-related companies. The report provides detailed IOCs (hashes, domains, C2 IPs) and downloader samples, and notes possible links to known ransomware infrastructure.
