Now before any Mac readers start going off about how Macs don’t get viruses or trojans let’s just cut you off before you start as this report from Sophos is of an early version that they had been sent. As for the argument that Mac doesn’t get these nasty little presents, well, those were the good old days.
This new (old) trojan, according to Sophos, is a variant of the old backdoor trojan that has haunted Windows users and goes by the name of: darkComet, a Remote Access Trojan (RAT). The creator of the version targeted for OS X is apparently calling his version Blackhole RAT.
The Mac OS X version is very basic and there appears to be a mix of German and English in the user interface. Its functions include:
* Placing text files on the desktop
* Sending a restart, shutdown or sleep command
* Running arbitrary shell commands
* Placing a full screen window with a message that only allows you to click reboot
* Sending URLs to the client to open a website
* Popping up a fake “Administrator Password” window to phish the target
[Cross-posted at Winextra]