Spy trojan steals audio, video, email, IM, keystrokes, from Windows, Mac and mobile

By

And it is the first trojan to use a Mac rootkit.

A cross-platform trojan has been discovered that hijacks Windows and Mac OS X machines and mobile devices, and steals audio and video feeds, screenshots and keystrokes .

Spy trojan steals audio, video, email, IM, keystrokes, from Windows, Mac and mobile

The comprehensive espionage toolkit dubbed BackDoor.DaVinci.1 malware was thought to be the first use of a rootkit to hide a trojan on the Apple operating system.

It allowed criminals to siphon data stolen by keyloggers to remote servers, along with screenshots, intercepted e-mail, and instant messaging chats including ICQ and Skype. Microphone and web cam feeds could also be captured. 

DaVinci.1

DaVinci.1 also contained counter anti-virus and firewall tools.

Russian anti-virus vendor Dr Web discovered the malware after a user this week reported the infected image. 

"The trojan poses a serious threat to users because it not only intercepts any information on the infected computer but also gives criminals full control over a compromised system so that they can render it non-operational," the company said.

It said the malware had "functional modules" that includes a backdoor component that is encrypted and uses rootkits.

The malware spread via an Adobe Flash Player (*.jar) file that was signed with an invalid  certificate. 

DaVinci.1 would first detect the operating system of a target machine before launching malicious payloads.

Dr Web did not say which mobile operating platforms were also affected.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Log In

  |  Forgot your password?