InfoSec Handlers Diary Blog - New OS X trojan backdoor MaControl variant reported

SANS ISC: InfoSec Handlers Diary Blog - New OS X trojan backdoor MaControl variant reported

SANS Site Network
- Current Site
- Internet Storm Center
- Other SANS Sites Help
- Graduate Degree Programs
- Security Training
- Security Certification
- Security Awareness Training
- Penetration Testing
- Industrial Control Systems
- Cyber Defense Foundations
- DFIR
- Software Security
- Government OnSite Training

InfoSec Handlers Diary Blog

New OS X trojan backdoor MaControl variant reported

Published: 2012-07-05
Last Updated: 2012-07-05 01:55:42 UTC
by Adrien de Beaupre (Version: 1)

Kaspersky has reported that a new previously undetected variant of the MaControl backddor is being used in the wild. The malware arrived as an email attachment, and if installed connect to a C&C server. More information on the malware, its behaviour, and the attack campaign is available from Kaspersky, who discovered this variant. As more malware authors become motivated to attack OS X it is likely that we will continue to see targeted attacks such as this in the future.

http://www.kaspersky.com/about/news/virus/2012/New_Mac_OS_X_Backdoor_Being_Used_for_an_Advanced_Persistent_Threat_Campaign

http://www.securelist.com/en/blog/208193616/New_MacOS_X_backdoor_variant_used_in_APT_attacks

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.

I will be teaching SANS Sec542 in Minneapolis July, Sec560 in Montreal September, and Sec542 in Vancouver December.

Keywords: hacking internet isc MAC Malware OS X phishing sans security threat trojan virus

2 comment(s)

Top of page

Diary Archives