Posted by: David Harley | April 17, 2010

Hellish Mac Malware

Intego have announced that they’ve found a new Mac malware variant.

The malware in question has bot/backdoor functionality, and they identify it as OSX/HellRTS.D. While this malware hasn’t been found in the wild (i.e. on a victim’s machine) as yet, it has been widely distributed on certain forums, so it’s likely that there will be attempts to establish it as “live” feral malware. That doesn’t mean they’ll succeed, of course, but the software sounds quite sophisticated (I haven’t yet seen a sample), and in my experience, Intego are very reliable as a source of information.

Tip of the hat to Kevin Townsend for drawing my attention to the press release.

David Harley FBCS CITP CISSP
Mac Virus
Small Blue-Green World
AVIEN Chief Operations Officer
ESET Research Fellow & Director of Malware Intelligence

Also blogging at:
http://www.eset.com/blog
http://avien.net/blog/
http://smallbluegreenblog.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/
http://dharley.wordpress.com
http://chainmailcheck.wordpress.com
http://amtso.wordpress.com

About these ads

Posted in Apple, David Harley, Intego, Kevin Townsend, OSX/HellRTS.D | Tags: , , , ,

«
»

Responses

  1. [...] posted at Mac Virus about a new Mac malware variant at http://macviruscom.wordpress.com/2010/04/17/hellish-mac-malware/. I also posted more about Londoning and blackhat SEO at [...]

    By: Some possibly interesting links and a very old new paper | ESET ThreatBlog on April 17, 2010
    at 13:29

    Reply

  2. [...] More on that hellish Mac malware… …that I mentioned a day or two ago at http://macviruscom.wordpress.com/2010/04/17/hellish-mac-malware/. [...]

    By: More on that hellish Mac malware… « Mac Virus on April 19, 2010
    at 15:22

    Reply

  3. [...] …that I mentioned a day or two ago at http://macviruscom.wordpress.com/2010/04/17/hellish-mac-malware/. [...]

    By: More on that hellish Mac malware… | Portable Digital Video Recorder on April 19, 2010
    at 20:12

    Reply

  4. [...] posted at Mac Virus about a new Mac malware variant at http://macviruscom.wordpress.com/2010/04/17/hellish-mac-malware/. I also posted more about Londoning and blackhat SEO at [...]

    By: Triflex Enterprise | Some possibly interesting links and a very old new paper on April 23, 2010
    at 14:19

    Reply


Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Categories

Follow

Get every new post delivered to your Inbox.

Join 25 other followers

%d bloggers like this: