OSX/Tsunami.A: old code, new platform

Posted by: David Harley | October 25, 2011

OSX/Tsunami.A: old code, new platform

ESET has just reported an IRC-controlled backdoor Trojan that turns the infected machine into a bot used for DDoS (Distributed Denial of Service) attacks. That may sound nothing special, except that it’s a 64-bit Mach-O binary, native to OS X. Well, not exactly native: it’s a port from an antique family of Linux ELF binaries, recompiled with minor IRC changes for the Mac.

More information in Robert Lipovský’s blog post here.

David Harley CITP FBCS CISSP
Small Blue-Green World/Mac Virus

Posted in ESET | Tags: backdoor, bot, DDoS, ELF binary, Linux, Mach-O binary, Robert Lipovský

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Google account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

M	T	W	T	F	S	S
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30
31

Mac Virus