Now in beta: OS X backdoor Trojan
Security researchers at Sophos Labs last week discovered a new, "still in beta" backdoor Trojan targeting Mac OS.
The Trojan, identified as BlackHoleRAT, is a variant of the free "remote administration tool" darkComet RAT for Windows, and gives the administrator the ability to place text files on the desktop, send restart, shutdown or sleep commands, to run shell commands, to place a full-screen window with a message that forces a reboot, to force URLs to a client, and to pop up a fake "Administrator Password" phishing window.
It lacks much of the functionality of its Windows counterpart, but carries the somewhat amusing message with the forced reboot:
I am a Trojan Horse, so i have infected your Mac Computer. I know, most people think Macs can't be infected, but look, you ARE Infected! I have full controll over your Computer and i can do everything I want, and you can do nothing to prevent it.
So, Im a very new Virus, under Development, so there will be much more functions when im finished.
Obviously this pseudo-apologetic message is geared toward potential customers who would like to sink their teeth into Mac OS malware, rather than actually for someone whose system was infected.
Since Mac OS has been gradually gaining PC operating system market share, more companies are entering the Mac security field. Earlier this month Comodo released a free Mac antivirus alongside Sophos, who has long been known for its anti-malware solutions for the platform.