Trojan a blackhole for 'secure' Macs

Summary:The bubble that Macintosh is invulnerable to malware may have just been popped thanks to a new tool that appears to be based on the darkComet Windows trojan.

The bubble that Macintosh is invulnerable to malware may have just been popped thanks to a new tool that appears to be based on the darkComet Windows trojan.

Rat

(Rat Fink Bank image by Kirby Kerr, CC2.0)

Security firm Sophos said the malware, BlackHole RAT, is still under development.

"It appears there is a new backdoor trojan in town and it targets users of Mac OS X. As even the malware itself admits, it is not yet finished, but it could be indicative of more underground programmers taking note of Apple's increasing market share," Sophos senior security adviser Chester Wisniewki said in a blog post.

The functionality of the tool is best summed up by its screen lock message:

Hello I'm the BlackHole Remote Administration Tool. I'm a trojan horse, so I have infected your Mac Computer. I know, most people think that Macs can't be infected, but look, you ARE infected! I have full controll [sic] over your Computer and I can do everything I want, and you can do nothing to prevent it. So, Im [sic] a very new virus, under Development, so there will be much more functions when I'm finished. But for now, it's okay what I can do. To show you what I can do, I will reboot your Computer after you have clicked the Button right down.

A video of the malware can be viewed here. Sophos said the malware is not yet in the wild.

BlackHole RAT

BlackHole RAT (Credit: Sophos)

Topics: Security, Apple, Hardware, Malware, Operating Systems

About

Darren Pauli has been writing about technology for almost five years, he covers a gamut of news with a special focus on security, keeping readers informed about the world of cyber criminals and the safety measures needed to thwart them.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.