According to security firm, Sophos, a new Trojan for Mac has been floating around, “giving evidence of the increasing popularity of Mac”. It's a backdoor Trojan which is in beta (so it really shouldn't be able to do anything). It was ported from Windows and really can't gain root privileges, however, it can work within the confines of the user that installed it.

BlackHole RAT, blacking out the Mac

BlackHole RAT, blacking out the Mac

The Trojan basically replaces places text files on the desktop, places the computer to sleep, shuts down and restarts the computer, and runs “arbitrary shell commands”. The biggest threat it seems to show though is that it displays a false window asking you for your administrative password. After that a full screen pops up prompting users to restart their computer. After which, according to Sophos, this message pops up:

“I am a Trojan Horse, so I have infected your Mac Computer. I know, most people think Macs can't be infected, but look, you ARE Infected! I have full controll (sic) over your Computer and I can do everything I want, and you can do nothing to prevent it. So, Im a very new Virus, under Development, so there will be much more functions when I'm finished.”

This of course, raised the whole hoopla about how secure the Mac platform really is. But the reality is, Mac, like Windows Vista, when kept up to date, is practically secure if not theoretically so. Sophos says the Trojan is called BlackHole RAT. They say it gets into computers via internet downloads and “vulnerabilities in browsers, plugins and other applications”.

Tags: , , , , , ,