New Remote Trojan Targets Growing Number of Mac OS X Users
It seams that malicious hacker put their hands on Mac computers. Security researchers report that hackers have a way to remotely send commands to your Mac OS X computer. “Blackhole” RAT, or Remote Access Trojan, allows hackers to control your Mac. SophosLabs analyzed the sample it received and determined that it is a variant of a well-known Remote Access Trojan (RAT) for Windows known as darkComet. The Blackhole RAT is available for download from the net, but there are no any reports from customers being hit by it.
The Trojan's basic functionality includes:
- placing text files on the desktop;
- sending a restart, shutdown or sleep command;
- running arbitrary shell commands;
- placing a full screen window with a message that only allows you to click reboot;
- sending URLs to the client to open a website;
- popping up a fake "Administrator Password" window (see the shot above).