Doctor Web discovered yet another Mac backdoor: BackDoor.Olyx



    Back on the first of June of this year, an article appeared on Habr: "The era of antiviruses on Mac OS X has come officially." Indeed, viruses and scareware for Mac OS X are now beginning to appear. They are not especially dangerous, but they frighten Mac users, who are accustomed to the security of their OS, until their knees shake. The panic forced Apple to roll out Internet Security. Perhaps this will help Mac OS X users defend themselves against another backdoor discovered by Doctor Web specialists. As far as we know, this is the second backdoor for this operating system, and there will be more to come.

    The company’s specialists found that this malware allows a cybercriminal to remotely control a Mac OS X computer without the owner’s knowledge. The attacker can, for example, create and delete folders and files, and can also send other commands to the infected computer.

    Currently, only two backdoors are known: BackDoor.DarkHole and BackDoor.Olyx. The first allows its creator to control the infected machine, for example to restart the computer, create, delete and move files and folders, and open web pages in a browser.

    Once it gets onto the user's computer, BackDoor.Olyx creates the directory /Library/Application Support/google/ on the hard drive and saves the file startp in it. After that, the file /Library/LaunchAgents/www.google.com.tstart.plist appears, and after the machine reboots this file starts the malicious program. After the reboot, the file google.tmp lands in the temporary folder: this is the backdoor trying to disguise itself as a temporary file. After that, the malware is "ready to use."
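
    The file-system artifacts listed above can be checked for on a live system or a mounted disk image. The following is an added example, not code from Doctor Web or from the original post; the function names, the `root` parameter and the location of the temporary folder (the post does not name it) are assumptions.

```python
import plistlib
from pathlib import Path

# Paths as named in the article, relative to the volume root.
DROP_DIR = Path("Library/Application Support/google")
PAYLOAD = DROP_DIR / "startp"
LAUNCH_AGENT = Path("Library/LaunchAgents/www.google.com.tstart.plist")
TMP_NAME = "google.tmp"
# Assumption: the article says only "temporary folder"; /tmp is a guess.
DEFAULT_TMP_DIRS = ("tmp",)


def launch_target(plist_path):
    """Return the command a LaunchAgent plist runs, tolerating bad files."""
    try:
        with open(plist_path, "rb") as fh:
            data = plistlib.load(fh)
    except Exception:  # malformed XML/binary plist or unreadable file
        return "unparseable plist"
    if not isinstance(data, dict):
        return "unexpected plist layout"
    args = data.get("ProgramArguments") or [data.get("Program", "")]
    return " ".join(str(a) for a in args)


def scan_for_olyx(root="/", tmp_dirs=DEFAULT_TMP_DIRS):
    """Return (indicator, path, detail) tuples for artifacts found under root."""
    root = Path(root)
    findings = []
    if (root / DROP_DIR).is_dir():
        findings.append(("drop_dir", str(root / DROP_DIR), ""))
    if (root / PAYLOAD).is_file():
        findings.append(("payload", str(root / PAYLOAD), ""))
    agent = root / LAUNCH_AGENT
    if agent.is_file():
        # Report what the agent is configured to launch, not just that it exists.
        findings.append(("launch_agent", str(agent), launch_target(agent)))
    for tmp in tmp_dirs:
        candidate = root / tmp / TMP_NAME
        if candidate.is_file():
            findings.append(("tmp_file", str(candidate), ""))
    return findings


if __name__ == "__main__":
    for kind, path, detail in scan_for_olyx():
        print(kind, path, detail)
```

    Pass the mount point of a disk image or backup as `root` to scan it offline; an empty result means none of the named paths were present, not that the machine is clean.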

    Via Dr.Web
