Intego Uncovers New Mac OS X Trojan
The malware has not yet been found in the wild.
Intego researchers recently uncovered new Mac malware, which the security firm has called OSX/Crisis.
"Crisis will impact machines differently depending on user rights," writes Threatpost's Brian Donohue. "For individuals with administrative permissions, it is dropping a rootkit to conceal itself as well as a number of files and folders to carry out its various functions. OSX/Crisis creates 17 files for users with admin-permissions and 14 for those without."
"Once installed, OS/X Crisis calls home to IP address 18.104.22.168 every five minutes, presumably to await instructions," writes VentureBeat's John Koetsier. "That IP address may change over time, as malware authors often build in features resistant to simple blocking."
"Additionally, the backdoor file with this functionality has been coded in such a way that reverse engineering tools won’t work as well when analyzing the file -- a technique called anti-analysis which is commonly seen in Windows malware, yet almost unheard of in OS X malware," writes LAPTOP Magazine's Davey Alba.
"This malware is the latest example of cyber criminals turning their attention to the Mac platform, which now has enough users that it is worth the time and effort it takes to write malware for it," notes Computer Business Review's Steve Evans.
"The threat has not appeared in the wild, but its complexity and use of clever infection techniques point to possible infections in future," writes The Register's John Leyden.