Fortunately, the virus doesn't seem to be very malicious. It allows a remote controller to reboot or shutdown an infected computer, or pop up a fake 'Administrator Password' box that can be used to phish a user's password -- but for the most part, it actually seems to be a proof of concept; a warning to Mac users that their OS can be infected.
One of BlackHole RAT's functions pops open a full-screen dialog with only a 'reboot' button, and the following, vaguely sociopathic message:
"I am a Trojan Horse, so i have infected your Mac Computer. I know, most people think Macs can't be infected, but look, you ARE Infected!You kind of expect 'muhahaha!!1' to be at the end.
I have full controll over your Computer and i can do everything I want, and you can do nothing to prevent it.
So, Im a very new Virus, under Development, so there will be much more functions when im finished."
As for how the virus is distributed, it is probably via the usual channels: pirate downloads, or vulnerable browser plug-ins. Sophos notes that its Anti-Virus for Mac Home Edition, which is a free download, identifies and removes the virus. You should probably run it, just to make sure you're not infected.
BlackHole RAT Mac OS X backdoor Trojan virus mimics password prompt originally appeared on Download Squad on Mon, 28 Feb 2011 10:15:00 EST. Please see our terms for use of feeds.
Permalink | Email this | Comments
COMPAL ELECTRONICS COSMOTE MOBILE TELECOM DLINK DIGITAL CHINA HOLDINGS
