Security researchers at Sophos Labs last week discovered a new, "still in beta" backdoor Trojan targeting Mac OS.
The Trojan, identified as BlackHoleRAT, is a variant of the free "remote administration tool" darkComet RAT for Windows, and gives the administrator the ability to place text files on the desktop, send restart, shutdown or sleep commands, to run shell commands, to place a full-screen window with a message that forces a reboot, to force URLs to a client, and to pop up a fake "Administrator Password" phishing window.
It lacks much of the functionality of its Windows counterpart, but carries the somewhat amusing message with the forced reboot:
I am a Trojan Horse, so i have infected your Mac Computer. I know, most people think Macs can't be infected, but look, you ARE Infected! I have full controll over your Computer and i can do everything I want, and you can do nothing to prevent it. So, Im a very new Virus, under Development, so there will be much more functions when im finished.
Obviously this pseudo-apologetic message is geared toward potential customers who would like to sink their teeth into Mac OS malware, rather than actually for someone whose system was infected.
It's a little boring but you can watch the video HERE
Since Mac OS has been gradually gaining PC operating system market share, more companies are entering the Mac security field. Earlier this month Comodo released a free Mac antivirus alongside Sophos.
And that's just in Beta! You know most Mac users think they don't need protection so imagine what the final product will do to all the vulnerable Macs out there in the world.