More Malware for Mac

Written by John Ponio    Thursday, 05 July 2012 23:39

Kapersky Logo

It looks like Apple removed their no-virus claims from their website just in time, as Kapersky just discovered more malware for OS X. It looks like this is a backdoor that infiltrates through an e-mail attachment. Inside of the e-mail, a .zip file extracts to a JPEG file and an OS X program which is a form of MaControl backdoor. Once the victim runs the program, it sets up a backdoor that reports to a Command & Control server, which can then give access to files to the C&C server operator as well as allow him to run commands on the Mac.

Costin Raiu, who is the Director of Global Research & Analysis at Kaspersky Labs, said:

Macs are not only growing in popularity globally, but also with high-profile people who choose to use Mac OS X computers because they believe it’s safer. However, we believe that as the adoption increases for Mac OS X, the attacks for both mass-infection and targeted campaigns will also grow. Attackers will continue to refine and enhance their methods to mix exploits and social engineering techniques to try and infect victims. Just like PC malware, this combination is commonly the most effective and cybercriminals will continue to challenge Mac OS X users’ security, both technically and psychologically.

This version of the MaControl is detected by Kapersky Anti-Virus 2011 for Mac, if you want to check your system for it. But, as always, it's safest to just not open attachments, especially when they're programs. If you're interested in reading more about the malware, a detailed report on how it's activated and what it does can be read here