

The new Apple Trojan "BlackHoleRat" sneaks itself in through OS X users' open back doors. It is currently in "beta" and its capabilities are being expanded.  (Source: Sophos Labs)

One of its capabilities is to pop up fake administrator password request windows as a phishing attempt  (Source: Sophos Labs)

The trojan even delivers humorous messages to users in current form.  (Source: Sophos Labs)

  (Source: Chris Moncus)
Malicious program still appears to be in "beta" form, unlike its Windows counterpart

Security researchers at Sophos Labs have discovered a naughty new trojan that's in the process of beta testing attack capabilities against the growing population of Mac users.

The trojan exploits open back doors in OS X to gain a good deal of access to the system.  It can be transmitted through a variety of vectors, including torrent files or seemingly legitimate download programs.  It could also be, in the future, delivered via the exploitation of browser flaws to perform "drive by downloads".

Once inside, the Trojan gets down to business, allowing the attacker to have their way with their Apple victim.  The attacker can plant text files on the desktop, force URLs to open, run shell commands, and pop up fake password windows in a phishing attempt.

They can also force the user's machine to shut down or reboot. When a reboot is forced, an amusing message pops up, informing:

I am a Trojan Horse, so i have infected your Mac Computer. I know, most people think Macs can't be infected, but look, you ARE Infected! I have full controll over your Computer and i can do everything I want, and you can do nothing to prevent it.

So, Im a very new Virus, under Development, so there will be much more functions when im finished.

The virus is a port of darkComet, a remote access trojan for Windows.  The new OS X version has been dubbed "OSX/MusMinim-A", or "MusMinim" for short, by Sophos.  Its creators, however, call it BlackHoleRat.

Sophos believes its creators will likely expand its functionality now that the concept has been proven.  It will likely be loaded with far nastier tricks in the future.

Despite its obscurity, Apple's poor security track record virtually ensures that Apple OS X users' back doors will be open in years to come.  And increasingly they may find malicious individuals looking to poke and prod their way inside.

Still, Apple has been quite quiet in its direction to users to get an anti-virus program.  To this day it still tries to portray Windows as "virus-laden" and OS X as virus-free.  As a result of this ostrich-in-the-sand attitude, some users may fall victim to unwanted backdoor intrusion.

Apple has yet to comment on its users' latest infection or hint at how widespread it might be.


Comments

RE: Wut?
By messele on 2/28/2011 3:32:23 PM , Rating: -1
That is a fair claim though. No Mac in recorded history has succumbed to a virus.

Those pwn2own competitions clearly do not count since the hackers are given access to the computer before the stopwatch starts so that's hardly proof of anything.

Mac OS has holes and vulnerabilities but nobody has ever found, much less exploited anything that does not require physical access to the machine of some form.

I hear every time that nothing has ever happened because Mac OS has "security by obscurity" ok so if that's a fair claim I say in return that virus writers are idiots since:

A) Mac ownership may be a small percentage but it's still millions of machines

B) Mac owners are often (not always) at the wealthier end of the spectrum and are therefore more lucrative targets.

C) Mac owners generally do not pay any attention to security so SHOULD be an easy target.

With this in mind isn't it curious that people still bother attacking Windows at all...


RE: Wut?
By damianrobertjones on 2/28/2011 4:25:26 PM , Rating: 2
I resent and will never agree with this comment and even mentioning it (even though you put 'not always') makes my blood boil.

"B) Mac owners are often (not always) at the wealthier end of the spectrum and are therefore more lucrative targets."

In the UK you have people on the dole, thousands of them with macs and they are poor (in a fashion). This MYTH needs to go away, quickly.


RE: Wut?
By testerguy on 3/3/2011 4:20:27 AM , Rating: 2
Oh wake up, it's common knowledge that macs are certainly not at the budget end of the spectrum and therefore clearly not the mainstream option for cheap computers.

Take the Macbook Air, for example. Costs, what, 1,000 GBP? Compare that to an Acer 15 inch brick which costs 300 GBP. Only people who can afford to spend that kind of money will buy the Macbook Air, and that will (more often than not) be people with more money in general. Same applies to the iPhone, which is an expensive option, phone wise.

What you're saying is the equivalent of saying you resent the claim that Rolls Royces are purchased mostly by wealthy people.


RE: Wut?
By Alexstarfire on 2/28/2011 8:32:13 PM , Rating: 1
B) You don't need viruses/malware/trojans/etc to get people's money. Social engineering works on any platform and is a lot easier to do these days. Sure, trojans are probably far more effective on an individual basis for getting the pertinent information, but phishing can hit anyone and everyone. I don't think it'd be effective on me because not only am I aware that it's possible, but all the stuff I use for my passwords and security questions isn't stuff that you're just going to find on some social networking site. I make sure that at least 1 question is something that only I would know, and that can be hard since so many sites give you a set list to choose from.
















Copyright 2014 DailyTech LLC.