Posted by: David Harley | April 17, 2010

Hellish Mac Malware

Intego have announced that they’ve found a new Mac malware variant.

The malware in question has bot/backdoor functionality, and they identify it as OSX/HellRTS.D. While this malware hasn’t been found in the wild (i.e. on a victim’s machine) as yet, it has been widely distributed on certain forums, so it’s likely that there will be attempts to establish it as “live” feral malware. That doesn’t mean they’ll succeed, of course, but the software sounds quite sophisticated (I haven’t yet seen a sample), and in my experience, Intego are very reliable as a source of information.

Tip of the hat to Kevin Townsend for drawing my attention to the press release.

David Harley FBCS CITP CISSP
Mac Virus
Small Blue-Green World
AVIEN Chief Operations Officer
ESET Research Fellow & Director of Malware Intelligence

Also blogging at:
http://www.eset.com/blog
http://avien.net/blog/
http://smallbluegreenblog.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/
http://dharley.wordpress.com
http://chainmailcheck.wordpress.com
http://amtso.wordpress.com

Responses

  1. […] posted at Mac Virus about a new Mac malware variant at https://macviruscom.wordpress.com/2010/04/17/hellish-mac-malware/. I also posted more about Londoning and blackhat SEO at […]

  2. […] More on that hellish Mac malware… …that I mentioned a day or two ago at https://macviruscom.wordpress.com/2010/04/17/hellish-mac-malware/. […]

  3. […] …that I mentioned a day or two ago at https://macviruscom.wordpress.com/2010/04/17/hellish-mac-malware/. […]

