Hackers port trojan from Linux to work on Mac OS X

By Lee Kaelin on October 27, 2011, 10:30 AM

Researchers at security firms ESET and Sophos have discovered that hackers have ported an old Linux backdoor Trojan to work on Apple's Mac OS X platform in an effort to expand the reach of their botnets. The new Trojan, named Tsunami, is derived from the old Linux Trojan Kaiten, which worked in an almost identical manner. Early speculation suggests it is a denial-of-service (DDoS) tool, although security firms are still investigating.

 

"As you can see by the portion of OSX/Tsunami's source code that I have reproduced below, the bash script can be given a variety of different instructions and can be used to remotely access an affected computer," said Graham Cluley in a post at the security firm's website.

Once it is running on the host machine, it connects to an IRC channel and awaits further commands from the hackers. They can then use the combined connections of the all the computers in the botnet to flood servers with requests, bringing them down in DDoS attacks. Hackers are able to download files to the infected computer for it to update itself or install additional malware, and gives complete control of the host machine to execute any command they choose.

"Mac users are reminded that even though there is far less malware in existence for Mac OS X than for Windows, that doesn't mean the problem is non-existent," said Cluley of Sophos. He also reminded users of OS X that participating in a DDoS attack is illegal, whether it is intentional or not, and you certainly would not want anyone having remote control of your computer.




User Comments: 15

Got something to say? Post a comment
Modena said:

I dunno why but this makes me happy...?

jonny702 said:

There will be a lot more of this in the future.... Mac isn't any safer now..... and still overpriced

Guest said:

I cheered at this information personally.

Tired of MAC users thinking they are impervious to things like this.

Cota Cota said:

For proving the concept that MAC's arent that secure this isnt really that amazing, i always play tricks on my cousin that does graphics designs, of course is not that complex like these kind of Trojans but hell, its still very annoying to him and the most important part! it makes my wallet happy..

yowanvista yowanvista said:

Die hard OS X, you are no longer secure as claimed.

Tomorrow_Rains said:

So, now windows 8 comes out..and it has no viruses..then mac..has all the viruses.

WHAT NOW FANBOYS

Guest said:

Wow, that's the second "potential" virus ever reported to be possible on Apple's OSX. Run everybody.... to buy a mac!!!!

Mac 2, PC 10000000...10000001...10000002

ha ha

:super wide grin:

katoDRAGON said:

Guest said:

Wow, that's the second "potential" virus ever reported to be possible on Apple's OSX. Run everybody.... to buy a mac!!!!

Mac 2, PC 10000000...10000001...10000002

ha ha

:super wide grin:

Hmm... I wonder why there are so many pcs, and only 2 macs. because mac does not have the funding to go on researching new software. Notice how they are always (atleast) 5 years behind everyone else, and yet they are popular. "Apple's got a grip on the gummint, their sellin us a bunch of lies man"

katoDRAGON said:

*Hardware, sorry, Hardware lol

Burty117 Burty117, TechSpot Chancellor, said:

modena said:

I dunno why but this makes me happy...?

Yeah, strangely me too?

madboyv1, TechSpot Paladin, said:

I think the irony is that the port came from an old linux trojan, opposed to a windows virus. Either way, all's fair in worms and trojans, whatever gets infected gets infected, and those with antivirus may luck out and get an easy fix/repair from the AV vendor.

RH00D RH00D said:

Guest said:

I cheered at this information personally.

Tired of MAC users thinking they are impervious to things like this.

I never knew cosmetic make-up users were ever thinking that...?

stewi0001 stewi0001 said:

burty117 said:

modena said:

I dunno why but this makes me happy...?

Yeah, strangely me too?

because they think they are invincible to hacks and etc.

Guest said:

the pc world has always been full of creepy-crawlies ...

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.