This backdoor is noteworthy because this is the new and currently under development remote administration tool (RAT) for MAC OS X platforms.
To get a one-glance comprehensive view of the behavior of this Backdoor, refer to the Threat Diagram shown below.
This OSX malware has a Windows counterpart, which Trend Micro detected as BKDR_MUSMINIM.A.
This is a remote administration tool (RAT) that has specific capabilities.
This backdoor may be unknowingly downloaded by a user while visiting malicious websites. It may be manually installed by a user.
File size: Varies
File type: Other
Memory resident: Yes
Initial samples received date: 26 Feb 2011
Payload: Compromises system security, Displays a fake graphical user interface (GUI)
Arrival Details
This backdoor may be unknowingly downloaded by a user while visiting malicious websites.
It may be manually installed by a user.
NOTES:
Based on analysis of the codes, it has the following capabilities:
- Execute remote shell commands
- Show a URL using the default browser of the affected system
- Force the user to input login credentials
- Shutdown the remote computer
- Restart the remote computer
- Put the system into sleep mode
- Send a message
- Create a text file on the desktop
- Display a window with a message from the attacker that can only be removed by rebooting
- Display the following graphical user interface (GUI):
Connect with us on
| | | |