Sneaky Trojan Gets Some Back Door Action in Apple's OS X

From DailyTech: Security researchers at Sophos Labs have discovered a naughty new trojan that's in the process of beta testing attack capabilities against the growing population of Mac users.

The trojan exploits open back doors in OS X to gain a good deal of access to the system. It can be transmitted through a variety of vectors, including torrent files or seemingly legitimate download programs. It could also be, in the future, delivered via the exploitation of browser flaws to perform "drive by downloads".

Once inside, the Trojan gets down to business, allowing the attacker to have their way with their Apple victim. The attacker can plant text files on the desktop, force URLs to open, run shell commands, and pop up fake password windows in a phishing attempt.

They can also force the users machine shutdown or reboot. When a reboot is forced an amusing message pops up, informing:

"I am a Trojan Horse, so i have infected your Mac Computer. I know, most people think Macs can't be infected, but look, you ARE Infected! I have full controll over your Computer and i can do everything I want, and you can do nothing to prevent it.

So, Im a very new Virus, under Development, so there will be much more functions when im finished."

The virus is a port of darkComent, a remote access trojan for Windows. The new OS X versions has been dubbed "OSX/MusMinim-A", or "MusMinim" for short, by Sophos. Its creators, however, call it BlackHoleRat.

View: Article @ Source Site