Security Researchers At Sophos Identify New Mac Operating System X Backdoor Trojan

By Author: eccuni
Total Articles: 211
Comment this article

Developers constantly endeavor to produce new and improved software products. However, the success of a new product attracts the attention of cybercriminals, who persistently explore and exploit vulnerabilities.
Recently, security researchers at Sophos identified a new backdoor Trojan, which affects Mac Operating System (OS) X. According to the Abingdon, Oxfordshire based company, the Trojan is still evolving. While the author of the Trojan has referred to it as BlackHole Remote Access Trojan (RAT), Sophos has renamed the Trojan as OSX/MusMinim-A. The analysts at Sophos consider MusMinim as a variant of darkComet, the infamous RAT affecting Windows. The company opines that criminals may be targeting Apple products, considering the growing market share of the company.

Ironically, the term Black Hole is used by another legitimate application designed to improve the security of Mac by enabling users to remove recently used file lists and clipboard data. The name of the Trojan is intended to deceive the users. Once installed, the MusMinim places the text files on the system desktop, sends restart, shut down and sleeping ...
... commands and runs arbitrary shell commands. The Trojan also displays a fake "administrator password" window to trick users into entering the credentials. MusMinim may display a window, which would only allow users to click reboot option and also send malicious "Unique Resource Locators" (URLs) seeking users to open them.

Attackers may use malware to gain unauthorized access to a victim's computer, extract and send information to remote attackers. The remote attackers may gain control and use the computer as a platform to initiate attacks on other computers and disseminate spam and phishing e-mails. The attackers may also send instructions to the affected computer. Cyber education is crucial to prevent users from becoming victims of virus and Trojan attacks. The extracted information may be sold to their underground peers and crime syndicates in return for financial benefit. Attackers may also use extracted personal details and financial information to create fake identities, conduct unauthorized transactions, open new accounts and defraud users. Online tutorials, online degree and diploma courses may help Internet users in understanding the various types of attacks and initiating preventive measures.

Security professionals face constant challenge of identifying the threat vectors before their exploitation by attackers. E-learning programs and online university degree courses may help security professionals in updating their knowledge and technical skills in accordance with the latest challenges. Organizations must recruit IT professionals such as computer science degree holders, security auditors, security analysts and penetration testers to test the strength of the IT infrastructure. Software developers must conduct regular evaluation of their products to mitigate security flaws and weaknesses.

Use of pirated software and downloading applications from suspicious sites may lead to installation of malicious files and applications, which may extract, modify and delete content from the affected systems. Users must download applications from only legitimate sites. They must also adhere to the patch releases and security updates to safeguard software applications, plugins and web browsers. They must install anti-virus and anti-malware solutions and update them frequently to safeguard their computer systems.