New Trojan Confirmed for Apple's Mac OS X

[Michael Essany]

Security analysts at Sophos report that a new "backdoor Trojan" has been written by hackers that specifically takes aim at Apple's Mac OS X operating system. According to Chester Wisniewski of Naked Security - the popular IT security blog - the trojan in question makes remote operations and password "phishing" relatively simple.

As even the malware itself admits, it is not yet finished, but it could be indicative of more underground programmers taking note of Apple's increasing market share.

SophosLabs says the trojan is a "variant" of a longstanding Remote Access Trojan (RAT) for Windows known as "darkComet." In this particular instance, however, the individual behind the Trojan refers to it as the "BlackHole RAT." For now, Sophos is calling it OSX/MusMinim-A, or "MusMinim." It reportedly includes both German and English in the user interface.

Sophos says that the potentially nefarious functions served by MusMinim include placing text files on one's desktop, delivering operation commands like restart or shutdown, running arbitrary shell commands, displaying fraudulent "Administrator Password" windows for phishing purposes, displaying a full screen window that forces reboot for closure, and more.

While this instance certainly doesn't mark the first known trojan written for Macs, it also won't mark the last - especially since Apple continues to capture a larger and perpetually-increasing chunk of the PC market. For more info, check out what the folks at Sophos have to say about OSX/MusMinim-A.

Sophos
Naked Security

[z3r01]

Well damn

[lorderick70]

Trojan, don't mess with the best or die just like the rest (Apple haters)! He...he... He!

[javiert30]

Hmm Sophos hah !

[danny24vn]

trojan come to iphone jailbreak or just mac computer

[feidhlim1986]

It requires you to install and run it yourself so not much of a Trojan

[babyblue_pimp]

It requires you to install and run it yourself so not much of a Trojan

My thoughts exactly

[moon#pie]

You deserve the trojan if you install it. lol

[bigboyz]

Agreed! Next...:]

[h2a]

Omg an anti-virus company confirmed a new threat to my mac! What ever shall i do?

[iNT3Rv3NTiONZz]

So hang on, this trojan needs to be installed on the computer in question? How the **** is that gna work? Hackers gna start breaking into houses (and snatchin yo people up)? Lol epic fail


Sent from my iPhone using ModMyi

[z3r01]

You deserve the trojan if you install it. lol

Haaaaaaaaa lol that was a good one lol wish I could thank you on mobile safari for that lol

Edit : wait, I can lol

[mwr_allen]

It requires you to install and run it yourself so not much of a Trojan

I know it sounds a bit lame that it has to be installed by the user but didn't the Trojan army get fooled into accepting "installing" a trick horse "trojan" from the Greeks and then got screwed? if this new Mac trojan is fooling people into installing it then it's right on the money calling it a trojan.

[endwaro]

Yeah????? for real? this is a fail haha i dont install nothing that i dont know where it comes from. Only reliable sources. So no problem next!!!!!!!!!

[AkkeDaBest]

There goes thet advantage for macs

[Waaasobe]

I was thinking about this the other day. What would be the best way to protect your Mac from malicious software

[dennder]

Oh come on people.
Trojan is exactly about installing it and, for freakin-sake i know several ppl. who, being bfu, use blank or uber simple admin password. This is the category of people it aims for.

[BHX]

There goes thet advantage for macs

Macs aren't completely virus free, no machine is. Looking forward to ASLR encoding in Lion.

[steve-z17]

LOL! They act like its a big deal, when really you (the user) would be the one doing the installing. Lame....

[delusion950]

i knew trojan was a failure !

=P