Security Professionals Identify New MAC OS X Backdoor Trojan

March 2, 2011 - PRLog -- Developers constantly endeavor to produce new and improved software products. However, the success of a new product attracts the attention of cybercriminals, who persistently explore and exploit vulnerabilities.

Recently, security researchers at Sophos identified a new backdoor Trojan, which affects Mac Operating System (OS) X.  According to the Abingdon, Oxfordshire based company, the Trojan is still evolving. While the author of the Trojan has referred to it as BlackHole Remote Access Trojan (RAT), Sophos has renamed the Trojan as OSX/MusMinim-A. The analysts at Sophos consider MusMinim as a variant of darkComet, the infamous RAT affecting Windows. The company opines that criminals may be targeting Apple products, considering the growing market share of the company.

Ironically, the term Black Hole is used by another legitimate application designed to improve the security of Mac by enabling users to remove recently used file lists and clipboard data. The name of the Trojan is intended to deceive the users. Once installed, the MusMinim places the text files on the system desktop, sends restart, shut down and sleeping commands and runs arbitrary shell commands. The Trojan also displays a fake "administrator password" window to trick users into entering the credentials. MusMinim may display a window, which would only allow users to click reboot option and also send malicious "Unique Resource Locators" (URLs) seeking users to open them.

Attackers may use malware to gain unauthorized access to a victim’s computer, extract and send information to remote attackers.  The remote attackers may gain control and use the computer as a platform to initiate attacks on other computers and disseminate spam and phishing e-mails. The attackers may also send instructions to the affected computer. Cyber education is crucial to prevent users from becoming victims of virus and Trojan attacks. The extracted information may be sold to their underground peers and crime syndicates in return for financial benefit. Attackers may also use extracted personal details and financial information to create fake identities, conduct unauthorized transactions, open new accounts and defraud users. Online tutorials, online degree and diploma courses may help Internet users in understanding the various types of attacks and initiating preventive measures.

Security professionals face constant challenge of identifying the threat vectors before their exploitation by attackers. E-learning programs and online university degree  courses may help security professionals in updating their knowledge and technical skills in accordance with the latest challenges. Organizations must recruit IT professionals such as computer science degree holders, security auditors, security analysts and penetration testers to test the strength of the IT infrastructure. Software developers must conduct regular evaluation of their products to mitigate security flaws and weaknesses.

Use of pirated software and downloading applications from suspicious sites may lead to installation of malicious files and applications, which may extract, modify and delete content from the affected systems. Users must download applications from only legitimate sites. They must also adhere to the patch releases and security updates to safeguard software applications, plugins and web browsers. They must install anti-virus and anti-malware solutions and update them frequently to safeguard their computer systems.

Contact Press

EC-Council
Website:  http://www.eccouncil.org
Email:  iclass@eccouncil.org
Tel:  505-341-3228

EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.

EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.

EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.

# # #

iClass is EC- Council's online training delivery platform. Students can attend live, or recorded training sessions for courses such as Certified Ethical Hacker (CEH), Certified Security Analyst (ECSA) or Computer Hacking Forensic Investigator (CHFI).