APT37 Targets Windows with Rust Backdoor and Python Loader
S2W published a comprehensive report on the same threat actor, detailing PubNub-based communication malware and the deployment of VCD ransomware. In this blog post, ThreatLabz expands on these findings and highlights the infection chain observed, along with the C2 operations that orchestrate the full tradecraft of this threat actor. ThreatLabz’s latest findings suggest that APT37 utilized the Rust programming language to create a lightweight backdoor we named Rustonotto, which has basic functionality for executing Windows commands and sending the results to a threat actor-controlled server.
To read the complete article, see: https://www.zscaler.com/blogs/security-research/apt37-targets-windows-rust-backdoor-and-python-loader
This post is licensed under CC BY 4.0 by the author.