New Trojan Uses Windows to Attack Mac Users

Dennis Faas's picture

Think Macs can't be infected by viruses? Think again. While Apple computers are generally less likely to be attacked by hackers, it's not impossible to infect a Mac with malware (or virus).

For years Apple has boasted that its computers are more secure than PCs. And they were right -- but that was based on a technicality that only a tiny fraction of the population owned Macs, and thus, there was less profit to be made and less havoc to wreak for hackers. But that's starting to change as the number of Mac owners increases, making for an awkward situation at Apple headquarters in Cupertino, California.

Mac Users Sucked Into a BlackHole RAT

Reports of this most recent Mac attack come from security firm Sophos, which refers to the threat as a Windows-based remote access Trojan called darkComet. Other terms for the Trojan include OSX / MusMinim-A, MusMinim, or "BlackHole RAT," the latter being the preferred name of the hackers who created it.

Sophos says the Trojan is actually very basic and can be easily eliminated with recently updated antivirus software. However, it poses enough of a threat that it's likely to leave a lasting impression on many Mac users. (Source: infoworld.com)

I'm a Mac and "I'm a Trojan Horse"

And that's the exact point of the Trojan: to make Mac users aware that they are no longer safe. BlackHole RAT has several tricks, but the most notable may be a text message which is presented to those who've been infected. It plays on the very popular "I'm a Mac" TV commercials and goes something like this:

"I am a Trojan Horse, so I have infected your Mac Computer. I know, most people think Macs can't be Infected, but look, you ARE infected! I have full control over your Computer and I can do everything I want, and you can do nothing to prevent it. So, I'm a very new Virus, under Development, so there will be much more functions when I'm finished." (Source: theregister.co.uk)

The message, although poorly worded, is clear: Mac users are no longer safe. Sophos says BlackHole RAT can perform other nasty functions, from placing random text files on the desktop, to initiating a restart or shutdown, and even opening a fake Administrator Password window so that hackers can steal log-in information.

Sophos, claims that it can remove the infection of BlackHole RAT using its Sophos Anti-Virus product for the Macintosh, which is distributed at no cost free. The most common way a Mac is infected (according to Sophos), is by downloading it unknowingly through the distribution of pirated software. (Source: pcmag.com)

Rate this article: 
No votes yet