Windows Trojan re-configured for MacOS

Powered by SC Magazine
 

Rare find: Backdoor BlackHole RAT.

Security vendor Sophos has found an old Windows backdoor Trojan that has been reconfigured for MacOS X systems.

The trojan, called Blackhole Remote Access Trojan (RAT), appeared to be an early experiment, according to Sophos security advisor Chester Wisniewski.

“As even the malware itself admits, it is not yet finished, but it could be indicative of more underground programmers taking note of Apple's increasing market share,” the researcher said.

The Trojan relies on social engineering to attempt to slip past Apple’s application signing process, prompting a user to type in their Administrator Password in order to install it.

Wisniewski said the Trojan’s functions include placing text files on the desktop, sending commands to restart, shutdown or sleep, running arbitrary shell commands, creating a window that forces a user to reboot, and sending viewed URLs to an open website. 

Security vendors have long talked of the impending rise of malware for Macs, but so far the platform has failed to attract malware writers en masse.

Security giant McAfee had avoided releasing a MacOS X security product but last year released one.

Apple last year reportedly issued a patch that dealt with another Trojan, HellRTS.

Copyright © iTnews.com.au . All rights reserved.


Windows Trojan re-configured for MacOS
 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1792

Vote
Do you support the abolition of the Office of the Information Commissioner?