Posted by: David Harley | October 25, 2011

OSX/Tsunami.A: old code, new platform

ESET has just reported an IRC-controlled backdoor Trojan that turns the infected machine into a bot used for DDoS (Distributed Denial of Service) attacks. That may sound nothing special, except that it’s a 64-bit Mach-O binary, native to OS X. Well, not exactly native: it’s a port from an antique family of Linux ELF binaries, recompiled with minor IRC changes for the Mac.

More information in Robert Lipovský’s blog post here.

David Harley CITP FBCS CISSP
Small Blue-Green World/Mac Virus  

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

%d bloggers like this: