Mac OS X rootkit surfaces

Mac OS X rootkit surfaces
John Leyden, The Register 2004-10-25

One of the first pieces of malicious code targeting Apple's Mac OS X operating system has been discovered. The Mac OS X malware, dubbed Opener, is a rootkit for Mac OS X machines that contains a variety of destructive functionality including a keylogger and backdoor components.

Expand all | Post comment

Mac OS X rootkit surfaces 2004-10-25
Anonymous

Mac OS X rootkit surfaces 2004-10-26
keydet89 (at) yahoo (dot) com [email concealed] (2 replies)

"The Mac OS X malware, dubbed Opener, is a rootkit for Mac OS X machines that contains a variety of destructive functionality including a keylogger and backdoor components. Opener (AKA Renepo-A) is a shell script that can't be installed without admin privileges. It isn't spreading."

Okay.

Question: How is a keylogger and backdoor "destructive"? Wouldn't something that deleted or modified files be destructive? I can understand how capturing someone's passwords can be used for destructive purposes, but I don't see how the activity in and of itself is destructive.

Question: This is described as a rootkit, but the Register article makes no mention of any stealth (ie, hiding processes, network connections, etc) capability.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/9796/28856#28856

Re: Mac OS X rootkit surfaces 2006-10-29
Anonymous

Re: Mac OS X rootkit surfaces 2006-12-23
Anonymous

Mac OS X rootkit surfaces 2004-10-26
keydet89 (at) yahoo (dot) com [email concealed]