Windows Trojan Modified to be Used on Macs
According to Sophos the security company, the BlackHole Remote Access Trojan (RAT) is still undergoing evolution while seemingly it's utilizing the darkComet malware's source code. DarkComet is a well-known Trojan designed to attack Windows PCs, the company said. ZDNet published this on February 27, 2011.
State the company's security researchers that there hasn't been any cyber-assault using the Trojan. The malware, right now, is more of a proof-of-concept; however, it's quite simple to use. Suppose a malicious person manages in getting an end-user to load it onto his Mac PC, alternatively creates an exploit, which would quietly load it onto Mac then that person can gain hold of the infected system remotely.
Further, according to the researchers, the malware isn't yet finished; however, it hints that an increasing number of criminal programmers could be getting aware about the rising market share of Apple. Itnews published this on February 28, 2011.
In the meantime, according to researcher Chet Wisiniewski with Sophos the anti-virus provider, although BlackHole is an alternative edition of darkComet a Windows Trojan, still it seems its creator is some other developer. As darkComet's source code is not difficult to get, therefore it seems BlackHole's writer just picked up that code, which he fine-tuned to effectively attack Macs. ComputerWorld published this on February 25, 2011.
Says Wisiniewski, the Trojan does several things. It positions files having textual content on desktops; issues instructions to restart, become dormant, or shutdown systems; executes random shell commands, compels end-users to reboot through a window it creates; and dispatches URLs that have been viewed to a website that's open. Itnews published this.
But, according to Sophos, BlackHole RAT is not proliferating still users would do well by being extra careful while taking down free software, especially software that are counterfeit.
Meanwhile, with Mac getting increasingly popular and all things of Apple that are emerging, it is hardly surprising that criminals are preparing to target the company's product. Says Sophos, the Trojan can be installed via a security flaw within a user's plug-in, Web browser or other software. GIZMODO published this on February 28, 2011.
Related article: Windows XP Fault Strike Firewall
» SPAMfighter News - 07-03-2011