New BlackHole Malware Variant for OS X found

The Security Researchers of Sophos recognized a new malware called BlackHole or MusMinim which influences Mac Operating System (OS) has been still evolving.

BlackHole is a backdoor server program RAT (Remote Access Tool) which is not only a skilled tool but also requires a remote user to interact with the system. That is why several security experts categorize it more as a prank or "annoyware" as against malware.

After installation, the MusMinim places the text files on the system desktop, sends restart, shut down and sleeping commands and runs arbitrary shell commands. The Trojan also shows a fake "administrator password" window to deceive users into entering their information. MusMinim might also shows a window, which would enable users to click reboot option and also send harmful "Unique Resource Locators" (URLs) urging users to open them.

It seems that the creator of this malware is still experimenting with it but comparatively at a slow speed.

Hackers may use the malware to illegally use victim's system, extract and send information to remote attackers. The attackers can control and use the system as a platform to launch attacks on other systems and circulate spam and phishing mails.

Further, the hackers also instruct the targeted system. Cyber awareness is important to stop users from being attacked by Trojans and virus.

When new malware is discovered, terms for it is usually classified alphabetically to distinguish its kinds, so the initial release of the BlackHole RAT was called OSX/MusMinim-A by Sophos, followed by OSX/MusMinim-B for the second variant. The recently found variant is the third detected release and following the naming pattern Sophos has named it OSX/MusMinim-C.

Although this particular malware is not dynamic as the MacDefender malware and its kinds, it implies that even old malware can be proven as tricky at any time. In spite of the development, there is nothing new and shows a low risk to Mac users.

As per the Sophos researchers, if anybody comes across this malware on their Mac then it is suggested to remove it immediately.

However, the experts consented that Security Professionals encountered challenge of detecting the threat vectors often even prior to the exploitation by attackers. Though it is pertinent for the security industry to always remain ahead of the attackers and keep the world secured from cyber attacks.

Related article: New Zealand firms netted in anti-spam drive

» SPAMfighter News - 10/10/2011