Proof-of-concept Mac Trojan surfaces


Security vendor Sophos say it has spotted a new backdoor Trojan that specifically targets the Mac OS X. After examining a sample that the company received, Sophos named it MusMinim and say that the malware is really a variant of a well-known Windows-based Remote Access Trojan (RAT). MusMinim has basic capabilities such as the remote execution of shell commands, and various system actions such as restart, shutdown and sleep. In addition, URLs can be opened on commandeered desktops, while a fake Administrator Password prompt supports phishing attempts.

MusMinim is a proof-of-concept at the moment, rather than a completed malware that is in active circulation, says Sophos. The malware kit is easy to use however, noted the company, and all it really needs is an attack vector to gain initial access onto a Mac computer. The prominence of the iOS platform and the growth of Apple (NASDAQ: AAPL) has, ironically, triggered renewed interest in malware creation for the Mac OS X platform. As evidenced by MusMinim, writing malicious software for the Mac OS X platform is not more difficult than for a Windows box--and new Trojans could in fact be derived from the rich and diverse range of existing Windows malware.

For more on this story:
- check out this article at Sophos
- check out this article at InfoWorld

Related Articles:
Security loopholes surfaces on Mac App Store 
New Trojan stymies cloud-based antivirus security  
Microsoft tool now scans for the Zeus Trojan 
At least one trojan using Facebook as a command channel