Security researchers from multiple companies have spotted a new piece of Mac OS X malware. Dubbed ‘Tsunami’, the malware is primarily designed to act as a platform for executing distributed denial of service (DDoS) attacks.
What’s particularly interesting about this backdoor is that malware coders have ported the bot from Linux to Mac OS X in an attempt to enter the Mac OS X market segment.
More on the malware:
In addition to enabling DDoS attacks, the backdoor can enable a remote user to download files, such as additional malware or updates to the Tsunami code. The malware can also execute shell commands, giving it the ability to essentially take control of the affected machine. In terms of functionality, the Mac variant of the backdoor is similar to its older Linux brother, with only the IRC server, channel and password changed and the greatest difference being that it’s a 64-bit Mach-O binary instead of an ELF binary.
The malware is currently detected as OSX/Tsunami-A.