• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

         

Mac OS X rootkit surfaces
John Leyden, The Register 2004-10-25

One of the first pieces of malicious code targeting Apple's Mac OS X operating system has been discovered. The Mac OS X malware, dubbed Opener, is a rootkit for Mac OS X machines that contains a variety of destructive functionality including a keylogger and backdoor components.

Opener (AKA Renepo-A) is a shell script that can't be installed without admin privileges. It isn't spreading. A thread on Macintouch reports an isolated example of a Mac user finding Opener on their system, which prompted a brainstorming session about the nature of the malware on the forum. The interest focused on the hacker tool in the Mac community is largely generated because of the malware's rarity value.

"Back in late 1980s viruses used to be a much bigger problem on Macs than on PCs. Then things changed," said Mikko Hyppönen, director of anti-virus research at Finnish AV firm F-Secure. "F-Secure used to have an antivirus product for Macs for years, but we discontinued it after the macro viruses died out as there was so little market for it." ®

       

Expand all | Post comment