We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

'Tsunami' backdoor Trojan for Mac OS X spotted

Could be used to launch DDoS attacks or remotely access another computer

A Trojan targeting computers running Mac OS X which can be used to launch DDoS (distributed denial-of-service) attacks on websites has been discovered.

The Tsunami backdoor Trojan, reported by Graham Cluley, senior technology consultant at security firm Sophos on the company's Naked Security blog, gets its name from the DDoS tactic of flooding a website with traffic.

Once it has embedded itself on a computer, the Tsunami Trojan listens to an IRC (Internet Relay Chat) channel for further instructions. These instructions could be to send numerous requests to a particular web address to overload it with traffic, for example.

"The big question, of course, is how would this code find itself on your Mac in the first place? It could be that a malicious hacker plants it there, to access your computer remotely and launch DDoS attacks, or it may even be that you have volunteered your Mac to participate in an organised attack on a website," said Cluley.

"But remember this - not only is participating in a DDoS attack illegal, it also means that you have effectively put control of your Mac into someone else's hands. If that doesn't instantly raise the hairs on the back of your neck, it certainly should."

The Trojan originates from a family of malware that targeted the Linux OS and has been in circulation since 2002.

Experts at fellow security firm ESET warned: "In addition to enabling DDoS attacks, the backdoor can enable a remote user to download files, such as additional malware or updates to the Tsunami code. The malware can also execute shell commands, giving it the ability to essentially take control of the affected machine."

Sophos' Cluley advised all Mac users to use security software and to keep it up to date in order to protect from threats such as this one.


IDG UK Sites

Best Christmas 2014 UK tech deals, Boxing Day 2014 UK tech deals & January sales 2015 UK tech...

IDG UK Sites

Chromebooks: ready for the prime time (but not for everybody)

IDG UK Sites

Hands-on with Sony's latest smartglasses

IDG UK Sites

The 13 most inspirational Tim Cook quotes