A recently detected macOS backdoor, developed using the Rust programming language, is causing concern among cybersecurity experts. This threat employs a clandestine interactive shell and leverages Telegram for file uploads to discreetly exfiltrate data from Apple devices.
The malware, identified in early June 2026, was initially flagged by an Apple XProtect update when a suspicious file was uploaded to VirusTotal on May 22. Although identified through a hash-based rule, most static scanning engines failed to detect it at the time.
Malware Capabilities and Impact
Known as macOS.Gaslight, the malware consolidates a comprehensive data theft toolkit within a persistent Rust binary. It is capable of extracting browser credentials from Chrome, Brave, Firefox, and Safari, capturing terminal histories, listing installed applications, and copying the macOS login keychain file.
Once collected, the data is compressed into a zip file and transmitted to the attacker using Telegram’s file-upload feature. This method integrates the data exfiltration process into seemingly normal traffic.
Connections to North Korean Threats
Research from SentinelOne indicates that this malware is part of a broader set of activities linked to North Korea. Apple’s XProtect associates the malware with a family of threats tied to DPRK operations, and a related sample is identified by Apple’s AIRPIPE rule, also linked to North Korean campaigns.
The malware is notable for embedding 38 fabricated system messages aimed at deceiving AI-based malware analysis tools. This technique, known as prompt injection, manipulates analytical tools rather than the sandbox environments, causing AI triage systems to potentially overlook the malware.
Technical Details and Evasion Tactics
The malware is ad hoc signed with a unique identifier embedded within the binary. According to SentinelOne’s report shared with Cyber Security News, this threat signifies an advancement in how malicious actors design implants to bypass contemporary detection mechanisms.
Upon verifying its Telegram bot token, the malware establishes a live interactive shell on the compromised device, supporting six commands such as executing shell code, terminating processes, and transferring files. All communications utilize the Telegram Bot API, which also serves as a single-instance lock.
To secure its communication channel, the malware encrypts traffic using AES-GCM and implements certificate pinning, complicating interception through typical network monitoring. It adapts to host proxy settings, allowing it to function in networks with enforced outbound proxies, enhancing its resilience in controlled environments.
Strategies for Persistence and AI Manipulation
The backdoor persists using a LaunchAgent disguised as an Apple service, ensuring it remains active across reboots and user sessions. This method involves writing its file path into the LaunchAgent configuration at runtime.
The implant conceals its Telegram bot token through a self-redaction process, substituting the live token with a placeholder during URL construction to prevent recovery via logs or crash reports. Experts advise treating suspicious content as adversarial input and caution against exposing unknown files to AI analysis without adequate sandboxing.
For further updates, follow us on Google News, LinkedIn, and X, and set Cyber Security News as a preferred source in Google for more instant updates.
