Hackers rejig Linux Trojan for Macs

Malware writers continue toying with Mac OS X

Malware writers have repackaged an old Linux backdoor known as Tsunami to target Mac OS X systems, researchers at Slovakian antivirus firm ESET have discovered.

“It is actually an OS X port of the Linux family of backdoors that we have been detecting since 2002,” ESET malware researcher Robert Lipovsky said Thursday.

The malware waits for instructions from an IRC channel, which could order an infected Mac to join a distributed denial-of-service (DDoS) attack or download additional malware. It also allows the attacker to take control of an infected computer by executing shell commands.

The capabilities were basically the same as the Linux Tsunami malware, said Lipovsky, but the IRC server, channel and password had changed.

Security vendor Sophos updated its Mac antivirus product and identified that the malware was delivered as a Trojan.

It’s currently not known how this malware would find its way onto a Mac. However, recent attempts to target the platform have relied on social engineering to convince victims to sign the application, such as the MacDefender scareware and the more recent Flashback malware, which posed as a Flash Player installer.

“It could be that a malicious hacker plants it there, to access your computer remotely and launch DDoS attacks, or it may even be that you have volunteered your Mac to participate in an organised attack on a website,” Sophos’ Graham Cluley speculated.
