Backdoor attack on Mac OS X? Yes indeed

Mac OS X Attack

Security researchers at FireEye have discovered that cyber criminals at GREF have taken a known Windows backdoor (the XSLCmd backdoor program) and ported it to target the Mac OS X environment over the past few days. It has been reported to open reverse shells so that attackers can copy files from the affected hard drive and do other nasty little things. GREF has been known to attack some high-profile targets, including the US Defense Industrial Base, as far back as 2009 and probably even before. In this attack on the Mac, the redistributed malware copies itself to /Library/Logs/clipboardd and $HOME/Library/LaunchAgents/clipboardd. The malware also creates a com.apple.service.clipboardd.plist file to make sure it can survive a reboot of the operating system and continue to open a door for the attackers.
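A triage check for the file artifacts named above, as an added example that is not from FireEye or the original post. It assumes user home directories live under /Users, and because the post does not say where the plist is written, it searches the Library trees by file name; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: look for the XSLCmd file artifacts named in the post.
# Pass a root prefix to check a mounted disk image, or "" for the live system.
# Assumption: user homes are under <root>/Users (the macOS default).

PLIST_NAME="com.apple.service.clipboardd.plist"

# Print one path per line for every artifact found under the given root.
list_xslcmd_artifacts() {
    root="${1%/}"

    # System-wide copy: /Library/Logs/clipboardd
    if [ -e "$root/Library/Logs/clipboardd" ]; then
        echo "$root/Library/Logs/clipboardd"
    fi

    # Per-user copy: $HOME/Library/LaunchAgents/clipboardd
    for home in "$root"/Users/*; do
        f="$home/Library/LaunchAgents/clipboardd"
        if [ -e "$f" ]; then
            echo "$f"
        fi
    done

    # Persistence plist: location not given in the post, so match on name
    # within the system and per-user Library trees (LaunchAgents/Daemons depth).
    find "$root/Library" "$root"/Users/*/Library -maxdepth 3 \
        -name "$PLIST_NAME" 2>/dev/null || true
}

# Return 0 when nothing is found, 1 when at least one artifact exists.
scan_xslcmd() {
    found=$(list_xslcmd_artifacts "$1")
    if [ -n "$found" ]; then
        printf '%s\n' "$found" | sed 's/^/XSLCmd artifact: /'
        return 1
    fi
    echo "No XSLCmd file artifacts under '${1:-/}'"
    return 0
}

# Usage: scan_xslcmd ""              (live system)
#        scan_xslcmd /Volumes/image  (mounted image; path is a placeholder)
```

A clean result only means these three file names are absent; a variant that uses different names would not be caught by this check.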
