
New macOS Backdoor Written in Rust Shows Possible Link with Windows Ransomware Group

UPDATE:

Following our initial release, we have been contacted by our fellow researchers at Jamf who were able to identify three more samples that act like first-stage payloads. They are responsible for downloading the backdoor:

* e7cab6f2be47940bf36e279bbec54ec7 – Jobinfo.app.zip
* 26d6a7e3507edf9953684d367dcd44bd – Jobinfo.zip
* 775851f86cbde630808ff6d2cf8cedbf – Jobinfo.zip

Combined with information in our previous research, the investigation of these samples revealed new components of t
