Trojan a blackhole for 'secure' Macs

Trojan a blackhole for 'secure' Macs

Summary: The bubble that Macintosh is invulnerable to malware may have just been popped thanks to a new tool that appears to be based on the darkComet Windows trojan.

SHARE:

The bubble that Macintosh is invulnerable to malware may have just been popped thanks to a new tool that appears to be based on the darkComet Windows trojan.

Rat

(Rat Fink Bank image by Kirby Kerr, CC2.0)

Security firm Sophos said the malware, BlackHole RAT, is still under development.

"It appears there is a new backdoor trojan in town and it targets users of Mac OS X. As even the malware itself admits, it is not yet finished, but it could be indicative of more underground programmers taking note of Apple's increasing market share," Sophos senior security adviser Chester Wisniewki said in a blog post.

The functionality of the tool is best summed up by its screen lock message:

Hello I'm the BlackHole Remote Administration Tool. I'm a trojan horse, so I have infected your Mac Computer. I know, most people think that Macs can't be infected, but look, you ARE infected! I have full controll [sic] over your Computer and I can do everything I want, and you can do nothing to prevent it. So, Im [sic] a very new virus, under Development, so there will be much more functions when I'm finished. But for now, it's okay what I can do. To show you what I can do, I will reboot your Computer after you have clicked the Button right down.

A video of the malware can be viewed here. Sophos said the malware is not yet in the wild.

BlackHole RAT

BlackHole RAT (Credit: Sophos)

Topics: Security, Apple, Hardware, Malware, Operating Systems

Darren Pauli

About Darren Pauli

Darren Pauli has been writing about technology for almost five years, he covers a gamut of news with a special focus on security, keeping readers informed about the world of cyber criminals and the safety measures needed to thwart them.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

8 comments
Log in or register to join the discussion
  • I don't think anybody actually believes that OS X is literally (or technically) invulnerable to malware, just that none existed (until now??)
    Dean Harding
  • I've read many comments from those who do believe it.
    xBeanie
  • I dunno, after viewing applefanboi comments on forums over the years I suspect a small minority of the cult of jobs members believe their macs can walk on water, feed the starving masses and survive a nuclear direct hit!
    btone-c5d11
  • But these are the Assange Heroes that we sympathetically support, don't we?
    jimiiwoo
    • .. what? that makes about as much sense as saying anyone who drives a car is a hoon.
      loss4words-cdfd1
  • You know, you can do all that and more if you turn on "Remote Login", SSH into the Mac, and enter their password.

    Remote access trojan malware will be possible on any platform that allows the user to install their own software. It's really nothing about the security of OS X... or are you saying we should lock it down to only Apple-approved programs to stop this sort of thing?
    aoeuaoeuaoeu-e4a44
  • You know, you can do all that and more if you turn on "Remote Login", SSH into the Mac, and enter their password.

    Remote access trojan malware will be possible on any platform that allows the user to install their own software. It's really nothing about the security of OS X... or are you saying we should lock it down to only Apple-approved programs to stop this sort of thing?
    a________
  • It is just a "concept" virus - not even the real thing. Who knows if this Rat will ever leave its Black (or brown) Hole. And by the way: fighting Apple always makes it stronger (MS/Nokia) - so come out rat - please, you will find my iMac well prepared with Anti-Virus Software!
    antipode-c5ecc