RustDoor and GateDoor: A New Pair of Weapons Disguised as Legitimate Software by Suspected Cybercriminal


S2W Talon has published an analysis report on RustDoor and GateDoor.
Please check and follow our Medium blog for detailed information.

- In December 2023, S2W’s threat intelligence center (a.k.a. Talon) discovered and has continuously tracked Rust-based macOS malware named RustDoor (a reference to the name given by Bitdefender), which was disguised as a Visual Studio update.

- Through further analysis, we identified the Windows version of RustDoor, which we named GateDoor because it was written in Golang rather than Rust.

- (Similarity) RustDoor and GateDoor use overlapping endpoints when communicating with the C&C server and have similar functions, so they were developed by the same attacker.

- The infrastructure used by the two malware families appears to be related to a RaaS affiliate called ShadowSyndicate, and the possibility that they are cybercrime collaborators who specialize in providing infrastructure cannot be ruled out.

🧑‍💻 Report Author: Minyeop Choi, Sojun Ryu, Sebin Lee, HuiSeong Yang | BLKSMTH | S2W Talon


