New Mac malware poses as PDF doc

Date: 2011-09-26

According to ZDNet, researchers at F-Secure have discovered a Mac OS X malware file masquerading as a PDF file to lure users into installing a backdoor trojan.
The malware, flagged as a trojan dropper, installs a downloader component that downloads a backdoor program onto the system, while camouflaging its activity by opening a PDF file to distract the user.
According to F-Secure, the PDF file contains Chinese-language text related to political issues, which some users may find offensive.
Using a PDF file as a social engineering gimmick is common among malicious hackers on the Windows platform, and F-Secure’s research team believes this is an attempt to copy the Windows trick of presenting a file with a “.pdf.exe” extension and an accompanying PDF icon.
Once installed, the trojan dropper installs a backdoor program that gives a hacker full control of the infected Mac OS X machine.
The backdoor typically contacts a remote server for instructions and can be used to steal files or capture a screenshot of the infected computer system, which is then forwarded to the remote server.
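A defender can check for the disguise described above by comparing a file's name with its leading bytes. The following is an added example, not code from F-Secure or ZDNet; the list of lure extensions, the function names and the sample files are assumptions constructed for illustration.

```python
import os
import tempfile
# Well-known leading magic bytes of executable formats.
EXECUTABLE_MAGICS = {
    b"\xfe\xed\xfa\xce": "Mach-O 32-bit",
    b"\xce\xfa\xed\xfe": "Mach-O 32-bit",
    b"\xfe\xed\xfa\xcf": "Mach-O 64-bit",
    b"\xcf\xfa\xed\xfe": "Mach-O 64-bit",
    b"\xca\xfe\xba\xbe": "Mach-O universal (same magic as a Java class file)",
    b"MZ": "Windows PE/DOS",
}
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".rtf"}  # assumed lure extensions

def classify(path):
    """Return why a file looks like a disguised executable, or None."""
    stem, last_ext = os.path.splitext(os.path.basename(path).lower())
    inner_ext = os.path.splitext(stem)[1]
    with open(path, "rb") as fh:
        head = fh.read(4)
    kind = next((v for m, v in EXECUTABLE_MAGICS.items() if head.startswith(m)), None)
    if last_ext in DOCUMENT_EXTS and kind:
        return f"named {last_ext} but content is {kind}"
    if inner_ext in DOCUMENT_EXTS and last_ext and last_ext not in DOCUMENT_EXTS:
        return f"double extension {inner_ext}{last_ext}"
    return None

def scan(directory):
    """Map file name -> finding for every suspicious file under directory."""
    findings = {}
    for root, _dirs, files in os.walk(directory):
        for name in files:
            reason = classify(os.path.join(root, name))
            if reason:
                findings[name] = reason
    return findings

def demo():
    """Write constructed sample files to a temp dir and scan them."""
    samples = {
        "report.pdf": b"%PDF-1.4\n",                  # genuine PDF header
        "invoice.pdf.exe": b"MZ\x90\x00",             # Windows-style double extension
        "article.pdf": b"\xcf\xfa\xed\xfe\x07\x00",   # Mach-O bytes behind a .pdf name
        "notes.txt": b"plain text",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in samples.items():
            with open(os.path.join(tmp, name), "wb") as fh:
                fh.write(data)
        return scan(tmp)
```

Calling `scan()` on a downloads or mail-attachment directory returns only the files whose name and content disagree; a Finder or Explorer icon plays no part in the check.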
