According to experts, hackers are testing new malware for the Mac, copied from the Trojan nine years ago and was originally written for Linux.
Malware, called “Tsunami”, circulated in a limited number since last week, said researchers from ESET Security, Slovak company that produces anti-virus software.
About the Tsunami for the first time we heard last week, when a researcher at ESET Security Lipovskii Robert presented the first information.
“We have already seen the backdoor on the Mac, but the creators of this malicious program simply used the existing code instead of writing something new,” – said in an interview Lipovskii. “They are so much easier.”
Lipovskii had in mind the similarity between the new code malware for the Mac and a number of Trojans, which attacked Linux in 2002.
“Linux malware can not be fully compatible with the platform Mac OS X, so he had to be built again” – explained Lipovskii. Unlike the old Trojan for Linux, also called the Tsunami in honor of one of its functions, which runs the DDoS, the original version for the Mac was a 64-bit.
For most other circumstances, Tsunami on the Mac a striking resemblance to his ancestor with Linux, and allows attackers to give the team the infected computer via IRC, to carry out DDoS attacks, download additional malicious software and updates for the Trojan.
According to another researcher from ESET Security, Tsunami for Mac has been updated to run every time you boot your PC or laptop Mac. “The new version, called Tsunami.A, has also used other IRC-channel and server management,” – said Pierre-Marc Bureau of ESET Security blog.
Lipovskii could not explain how the people behind the Tsunami, trojan infected computers Mac – the company could not figure out what methods of attack used for the introduction of malware on the machine.
But a short time span between the versions and their limited use ESET has led to the idea that the creators of the Tsunami is still testing the trojan. “Maybe they have adapted the code was originally written for Linux, a Mac OS X”, – said the Bureau.
An analysis of the British firm Sophos, the creators have done and Tsunami of 32-bit version that can run on older versions of Mac, running on processors PowerPC.
And ESET and Sophos rated as a minor threat.