| Started by | David <David@example.net> |
|---|---|
| First post | 2025-02-11 10:15 +0000 |
| Last post | 2025-02-11 20:47 +0000 |
| Articles | 2 — 1 participant |
Scan result - POSITIVE! David <David@example.net> - 2025-02-11 10:15 +0000
Re: Scan result - POSITIVE! David <David@example.net> - 2025-02-11 20:47 +0000
| From | David <David@example.net> |
|---|---|
| Date | 2025-02-11 10:15 +0000 |
| Subject | Scan result - POSITIVE! |
| Message-ID | <m10maeFrtu9U1@mid.individual.net> |
Here's a screenshot .....

https://i.ibb.co/twzPJxTy/Screenshot-2025-02-11-at-10-07-47.png

=

ChatGPT says ....

Trojan.OSX.RustAgent is a term that may refer to a category of macOS malware developed using the Rust programming language. One notable example is "RustDoor," a persistent macOS backdoor identified in early 2024. RustDoor is distributed under various disguises, including as a Visual Studio update, and is capable of running on both Intel-based and Apple Silicon architectures. Its functionalities include executing arbitrary shell commands, uploading and downloading files, and establishing persistence through multiple methods such as modifying system files and creating LaunchAgents. The malware communicates with command and control servers to receive instructions and exfiltrate data. Notably, some infrastructure associated with RustDoor has been linked to the ALPHV/BlackCat ransomware group, though a definitive connection has not been established.

Another instance of Rust-based macOS malware is "RustBucket," which has been observed to masquerade as legitimate applications to deceive users. These malware variants highlight a growing trend of using the Rust programming language to develop cross-platform threats targeting macOS systems.

It's important to note that the term "Trojan.OSX.Agent" is a generic classification used by security vendors to identify macOS trojans with varying functionalities. For example, Kaspersky's definition of "Trojan.OSX.Agent.gen" describes it as a malicious program designed to electronically spy on the user's activities, such as intercepting keyboard input and taking screenshots.

Given the evolving nature of malware, it's crucial to keep macOS systems updated and employ reputable security solutions to detect and mitigate such threats.
| From | David <David@example.net> |
|---|---|
| Date | 2025-02-11 20:47 +0000 |
| Message-ID | <m11rbiF30ddU1@mid.individual.net> |
| In reply to | #180186 |
On 11/02/2025 10:15, David wrote:
> Here's a screenshot .....
>
> https://i.ibb.co/twzPJxTy/Screenshot-2025-02-11-at-10-07-47.png

ASC post says this:-

https://i.ibb.co/tp51skhP/Screenshot-2025-02-11-at-18-35-01.png

HTH

--
David