Tsunami Trojan multiplies Mac malware misfortunes
By Stephen WITHERS
As if multiple versions of the Flashback Trojan (including one that disables the malware check built into Mac OS X's file quarantine system) weren't enough, security software companies ESET and Sophos say a new piece of Mac malware based on the Kaiten Trojan for Linux has been discovered.
Tsunami appears to be primarily a tool for mounting DDOS (distributed denial of service) attacks, but it also has the ability to execute shell commands (effectively providing remote control of the computer) and to download additional files, which could include more malware or updates for Tsunami itself.
What nobody seems to be saying is how Tsunami presents itself - after all the nature of a Trojan is that it poses as one think while actually carrying out a completely different function.
So at the moment, we don't know what to look out for. Not a very satisfactory state of affairs, especially for those who don't use antivirus software on their Macs. At least Sophos offers its Mac software free of charge for home use.
Postscript: Intego describes Tsunami as a "hacker tool" that "requires installation" - something very different to a Trojan. Maybe that's why the other companies didn't describe Tsunami passing itself off as providing some other functionality, which is the defining characteristic of a Trojan.
|Subscribe to Hydrapinion|