61,053 News Articles

Hacker writes easy-to-use Mac Trojan

The Trojan isn't being used in attacks, but it's easy to use, Sophos says

By | 28 February 11

In a sign that hackers, like everyone else, are taking an interest in everything Apple, researchers at Sophos say they've spotted a new Trojan horse program written for the Mac.

Related Articles

It's called the BlackHole RAT (the RAT part is for "remote access Trojan") and it's pretty easy to find online in hacking forums, according to Chet Wisniewski a researcher with antivirus vendor Sophos. There's even a YouTube video demonstration of the program that shows you what it can do.

Sophos hasn't seen the Trojan used in any online attacks -- it's more a bare-bones, proof-of-concept beta program right now -- but the software is pretty easy to use, and if a criminal could find a way to get a Mac user to install it, or write attack code that would silently install it on the Mac, it would give him remote control of the hacked machine.

BlackHole is a variant of a Windows Trojan called darkComet, but it appears to have been written by a different developer. The darkComet source code is freely available, so it looks like BlackHole's author simply took that code and tweaked it so it would run on the Mac, Wisniewski said.

Mac OS X has been gaining market share on Windows lately, and that's starting to make it a more interesting platform for criminals. Wisniewski said that while Mac malware is still very rare, he has seen another Trojan, called HellRTS, circulating on file-sharing sites for pirated Mac software.

PC security advice

Share this article




Comments

RJSebire said: I was thinking about hacking Apples data distribution centre in CaliAnd to hack a Mac is quite easy Its just that I and many other hackers see the Mac as the poor mans choice therefore of not valueTo hack a mac use a dns css script to replace the update with the crc32 modified update can be done on the fly and on mass Its not really apples fault its your SiSPs for encrypting the trafficIts not copying its backing up

arb said: There is always a way

CGW3 said: if a criminal could find a way to get a Mac user to install it or write attack code that would silently install it on the Mac it would give him remote control of the hacked machineas every app has to be confirmed before it is installed on OS X just how prey does this criminal silently get a user to install this Trojan

Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story. Both your name and the recipient's name and address will not be used for any other purpose.