Violent malware that steals data from Mac and executes code without permission and it takes away all control



For the first time in the early 2016Ranthermware wearing macOS (OS X)Although it was discovered, the following malware targeting macOS "Backdoor.MAC.ElanorThe presence of Romania's security tool development companyBitdefender LabsIt was clarified by.

New Backdoor Allows Full Access to Mac Systems, Bitdefender Warns | Bitdefender Labs
https://labs.bitdefender.com/2016/07/new-mac-backdoor-nukes-os-x-systems/


New Mac malware in the wild, Backdoor.MAC.Elanor - can steal data, execute code, control webcam | 9to5Mac
http://9to5mac.com/2016/07/06/backdoor-mac-elanor-mac-malware/


"Backdoor.MAC.Elanor" is a malware that can steal data from Mac, execute code by remote control, and can access camera. Using the converter "EasyDoc Converter" which converts the file format just by dragging and dropping, instead of converting the file it tries to download this malware. EasyDoc Converter is fake software to install malware in the first place, it does not have the function to convert files, but it is also distributed by MacUpdate etc., a well-established software introduction site operated since 1996 It was.


According to Bitdefender Labs, EasyDoc Converter is assigned its own Tor address, through which an attacker can install Secret Backdoor.MAC.Elanor in the target Mac. This Tor address is allPastebinIt seems that it is kept encrypted in the user agent.

Bitdefender LabsTiberius Axinte"This type of malware is particularly dangerous, difficult to detect, gives attackers all the controls of infected devices, for example if an attacker locks a Mac and" wants to use a Mac, You can also threaten to "give us a copy" and make the taken Mac part of the botnet network, possibly infinite, "suggesting that it is a very dangerous malware.

Although "EasyDoc Converter" was not delivered by Apple app store for Mac, Mac App Store, 9to 5 Mac which deals with Apple related news said, "The fact that EasyDoc Converter was distributed on Mac Update Even when downloading an application from a reputable software distribution site, it indicates that there is a necessity to carefully select the application to be acquired ".


In addition, Bitdefender Labs summarized more detailed information on malware "Backdoor.MAC.Elanor"(PDF)reportWe are also publishing.

in Software,   Security, Posted by logu_ii