MacDailyNews

New Mac trojan hints at ties to high-priced commercial hacking toolkit

“French security firm Intego discovered a new Mac Trojan horse this week that is being used to target specific individuals,” Gregg Keizer reports for Computerworld.

“The Trojan, dubbed ‘Crisis’ by Intego — a Mac-only antivirus developer — and called ‘Morcut’ by Sophos, is espionage malware that spies on victims using Mac instant messaging clients, browsers and Skype, the Internet phoning software,” Keizer reports. “According to Intego, which published an initial analysis on Tuesday and has followed up with more information since then, Crisis sports code that points to a connection with an Italian firm that sells a $245,000 espionage toolkit [Remote Control System (RCS)] to national intelligence and law enforcement agencies.”

Keizer reports, “From all indications, Crisis, like any true Trojan, does not exploit a vulnerability, but instead relies on trickery to convince the user to self-infect his or her Mac. ‘We believe that the infection vector may rely primarily on social engineering to be installed and at this point in time there is no reason to believe there is a vulnerability being used in conjunction with the threat,’ said Symantec in a post to its security response team’s blog yesterday.”

Read more in the full article here.

[Thanks to MacDailyNews Reader “theloniousMac” for the heads up.]

Related articles:
Warning: New Java trojan targets Apple’s OS X along with Windows, Linux – July 11, 2012
Symantec: Mac Flashback trojan infections declining rapidly, have dropped six-fold in a week – April 18, 2012
Apple releases Flashback trojan removal tool – April 14, 2012
Apple releases Java Update to remove Flashback trojan – April 12, 2012
600,000 Macs infected with Flashback trojan, 274 in Cupertino; how to check your Mac – April 5, 2012
Warning: New Mac trojan hides in pirated graphics software – November 1, 2011
Hackers port Linux trojan to Mac OS X – October 26, 2011
Apple updates OS X Lion, Snow Leopard malware definitions to address new trojan – September 26, 2011
New OS X trojan horse sends screenshots, files to remote servers – September 23, 2011
Apple: How to avoid or remove MACDefender malware (permanent fix coming in Mac OS X update) – May 24, 2011
MACDefender trojan protection and removal guide – May 20, 2011
Apple investigating ‘MACDefender’ trojan – May 19, 2011
Apple malware: 6 years of crying wolf – May 6, 2011
Is Mac under a virus attack? No. – May 4, 2011
Intego: MACDefender rogue anti-malware program attacks Macs via SEO poisoning – May 2, 2011
Sophos details new Mac OS X Trojan – February 28, 2011
Warning: Mac users beware of yet another trojan masquerading as video codec – June 11, 2009
CNN blows it; gets all worked up about a Mac Trojan that isn’t the first nor is it the last – April 23, 2009
Mac trojan expands to affect pirated versions of Photoshop CS4 – January 26, 2009
Intego: Mac trojan horse found in pirated Apple iWork ‘09 – January 22, 2009
New Mac OS X Trojan horse identified – June 23, 2008
Mac OS X Scareware trojan ‘MacSweep from Imunizator’ tries to scam Mac users – March 29, 2008
Mac trojan makers churn out slightly modified versions to evade anti-malware detection – November 08, 2007
Mac DNS Changer Trojan [OSX/Puper] relatively simple; works like the Windows version – November 01, 2007
New Mac OS X Trojan warning – February 16, 2006
Apple: ‘Opener’ is not a virus, Trojan horse, or worm – November 02, 2004
