Naked Security describes a new backdoor Trojan that targets Mac OS X users:
SophosLabs analyzed the sample we received and determined that it is a variant of a well-known Remote Access Trojan (RAT) for Windows known as darkComet.
What can it do?
- Placing text files on the desktop
- Sending a restart, shutdown or sleep command
- Running arbitrary shell commands
- Placing a full screen window with a message that only allows you to click reboot
- Sending URLs to the client to open a website
- Popping up a fake “Administrator Password” window to phish the target
Of course, Sophos says their products will get rid of it but don’t tell you how to avoid it in the first place.