Hackers rejig Linux Trojan for Macs

Malware writers continue toying with Mac OS X

Malware writers have repackaged an old Linux backdoor known as Tsunami to target Mac OS X systems, researchers at Slovakian antivirus firm ESET have discovered.

“It is actually an OS X port of the Linux family of backdoors that we have been detecting since 2002,” ESET malware researcher Robert Lipovsky said Thursday.

The malware waits for instructions from an IRC channel, which could order an infected Mac to join a Distributed Denial of Service attack or download additional malware. It also allows the attacker to take control of an infected computer by executing shell commands.

The capabilities were basically the same as the Linux Tsunami malware, said Lipovsky, but the IRC server, channel and password had changed.

Security vendor Sophos updated its Mac antivirus product and identified that the malware was delivered as a Trojan.

It’s currently not known how this malware would find its way on to a Mac machine. However, recent attempts to target the platform have relied on social engineering to convince victims to sign the application, such as the MacDefender scareware and the more recent Flashback malware, which posed as a Flash Player installer.

“It could be that a malicious hacker plants it there, to access your computer remotely and launch DDoS attacks, or it may even be that you have volunteered your Mac to participate in an organised attack on a website,” Sophos’ Graham Cluley speculated.


Stories by Liam Tung
