The bubble that Macintosh is invulnerable to malware may have just been popped thanks to a new tool that appears to be based on the darkComet Windows trojan.
Security firm Sophos said the malware, BlackHole RAT, is still under development.
"It appears there is a new backdoor trojan in town and it targets users of Mac OS X. As even the malware itself admits, it is not yet finished, but it could be indicative of more underground programmers taking note of Apple's increasing market share," Sophos senior security adviser Chester Wisniewki said in a blog post.
The functionality of the tool is best summed up by its screen lock message:
Hello I'm the BlackHole Remote Administration Tool. I'm a trojan horse, so I have infected your Mac Computer. I know, most people think that Macs can't be infected, but look, you ARE infected! I have full controll [sic] over your Computer and I can do everything I want, and you can do nothing to prevent it. So, Im [sic] a very new virus, under Development, so there will be much more functions when I'm finished. But for now, it's okay what I can do. To show you what I can do, I will reboot your Computer after you have clicked the Button right down.
A video of the malware can be viewed here. Sophos said the malware is not yet in the wild.
BlackHole RAT (Credit: Sophos)