Intego Warns of New "Malware for Mac"
Intego has discovered a new variant of malware for Macs dubbed HellRTS. Should it be installed on machines running Mac OS X, HellRTS opens a backdoor that, in a nutshell, wreaks havoc by allowing remote users to essentially play "Avatar: the home game" with your Mac and take control of infected machines, performing a variety of actions on them.
Intego, which recognizes the aforementioned security threat as OSX/HellRTS.D, is actually a variant of a six-year old Mac OS X
malware. A potentially dangerous entity, HellRTS is sophisticated enough to - as Intego warns - set up its own server and configure a server port and password. And it's only downhill from there, as it intelligently "duplicates itself, using the names of different applications, adding the new version to a userís login items, to ensure that it starts up at login."
Getting installed on a Mac, unfortunately, isn't too terribly difficult for HellRTS, which can find its way in via a Trojan horse or by capitalizing on a known vulnerability via a program accessed through a web browser. Intego says HellRTS can send e-mail with its own mail server, contact a remote server, and provide direct access to an infected Mac. As if that weren't scary enough, the malware variant is also capable of establishing remote screen sharing and powering down or restarting your Mac.
It should be noted, however, that Intego can't point to the discovery of any such infections in the wild. But it's out there and being distributed on forums prowled by malicious users who all but certainly would love to take HellRTS out for a dastardly spin to see what it can do.
For more info on HellRTS, check out Intego