Customer Success Testimonial: Recovery is Everything

Miscreants have adapted a Windows Trojan in an attempt to create malware that established a backdoor on Macs, as part of an apparent bid to drum up commercial interest for their dastardly wares.

MusMinim (dubbed BlackHole RAT by its nefarious author) is a variant of a strain of Windows Trojan called darkComet. Net security firm Sophos describes the malware as "very basic", while even its author characterises the malware as a work in progress.

The malware is capable of shutting down infected machines, running arbitrary shell commands, placing text on a desktop and otherwise messing with victims. However, its main function would appear to be the generation of fake "Administrator Password" pop-ups in an apparent attempt to trick users into handing over their login credentials.

The malware, apparently in development, displays a default message when reboot is initiated making it clear that systems are infected, Sophos reports.

"I am a Trojan Horse, so i have infected your Mac Computer. I know, most people think Macs can't be infected, but look, you ARE Infected!
I have full controll over your Computer and i can do everything I want, and you can do nothing to prevent it.
So, Im a very new Virus, under Development, so there will be much more functions when im finished."

The odd message seems to be targeted at potential buyers of the malware, we'd guess, since it makes no sense to advertise the presence of a backdoor on compromised machines to victims otherwise. Taunting marks went out of fashion in the VXer scene years ago around the time mischief was replaced by money making as the prime motive for malware creation.

Sophos, which has added detection for the malware, said that once fully developed the malware may be disguised as pirate software or games downloads and distributed through wares portal or torrent downloads. ®

Regcast training : Hyper-V 3.0, VM high availability and disaster recovery