We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

'Tsunami' backdoor Trojan for Mac OS X spotted

Could be used to launch DDoS attacks or remotely access another computer

A Trojan targeting computers running Mac OS X which can be used to launch DDoS (distributed denial-of-service) attacks on websites has been discovered.

The Tsunami backdoor Trojan, reported by Graham Cluley, senior technology consultant at security firm Sophos on the company's Naked Security blog, gets its name from the DDoS tactic of flooding a website with traffic.

Once it has embedded itself on a computer, the Tsunami Trojan listens to an IRC (Internet Relay Chat) channel for further instructions. These instructions could be to send numerous requests to a particular web address to overload it with traffic, for example.

"The big question, of course, is how would this code find itself on your Mac in the first place? It could be that a malicious hacker plants it there, to access your computer remotely and launch DDoS attacks, or it may even be that you have volunteered your Mac to participate in an organised attack on a website," said Cluley.

"But remember this - not only is participating in a DDoS attack illegal, it also means that you have effectively put control of your Mac into someone else's hands. If that doesn't instantly raise the hairs on the back of your neck, it certainly should."

The Trojan originates from a family of malware that targeted the Linux OS and has been in circulation since 2002.

Experts at fellow security firm ESET warned: "In addition to enabling DDoS attacks, the backdoor can enable a remote user to download files, such as additional malware or updates to the Tsunami code. The malware can also execute shell commands, giving it the ability to essentially take control of the affected machine."

Sophos' Cluley advised all Mac users to use security software and to keep it up to date in order to protect from threats such as this one.

IDG UK Sites

iPhone 6 vs Samsung Galaxy S5 comparison review: Apple takes on Samsung once again in smartphone...

IDG UK Sites

Just another opinion about Apple's new iPhone

IDG UK Sites

Intel Xeon E5 v3 Haswell processors review: we check out the fastest chips on the planet

IDG UK Sites

Apple Watch hands-on review | Apple Watch design, spec, features & UK pricing