Thursday, 10 March 2011

BlackHole RAT Mac OS X backdoor Trojan virus mimics password prompt

BlackHole RAT, Mac OS X Trojan
A new backdoor Trojan virus that targets Mac OS X has emerged, Sophos reports. Interestingly, the new virus, which is called BlackHole RAT (or OSX/MusMinim-A in virus definition speak), is a variant of the 'legitimate' Windows Trojan DarkComet-RAT.

Fortunately, the virus doesn't seem to be very malicious. It allows a remote controller to reboot or shutdown an infected computer, or pop up a fake 'Administrator Password' box that can be used to phish a user's password -- but for the most part, it actually seems to be a proof of concept; a warning to Mac users that their OS can be infected.

One of BlackHole RAT's functions pops open a full-screen dialog with only a 'reboot' button, and the following, vaguely sociopathic message:
"I am a Trojan Horse, so i have infected your Mac Computer. I know, most people think Macs can't be infected, but look, you ARE Infected!

I have full controll over your Computer and i can do everything I want, and you can do nothing to prevent it.

So, Im a very new Virus, under Development, so there will be much more functions when im finished."
You kind of expect 'muhahaha!!1' to be at the end.

As for how the virus is distributed, it is probably via the usual channels: pirate downloads, or vulnerable browser plug-ins. Sophos notes that its Anti-Virus for Mac Home Edition, which is a free download, identifies and removes the virus. You should probably run it, just to make sure you're not infected.

BlackHole RAT Mac OS X backdoor Trojan virus mimics password prompt originally appeared on Download Squad on Mon, 28 Feb 2011 10:15:00 EST. Please see our terms for use of feeds.

Permalink | Email this | Comments



No comments:

Post a Comment