Advertisment

New MacOS X Backdoor Variant Used in APT Attacks- Kaspersky Lab

author-image
PCQ Bureau
New Update

The application is actually a new, mostly undetected version of the MaControl backdoor (Universal Binary), which supports both i386 and PowerPC Macs. We detect it as “Backdoor.OSX.MaControl.b”.

Advertisment

MD5 ( “matiriyal.app/Contents/MacOS/iCnat” ): e88027e4bfc69b9d29caef6bae0238e8

When executed, it installs itself in the system and connects to its Command and Control server to get instructions. The backdoor allows its operator to list files, transfer files and generally, run commands on the infected machine.

To find more detailed information, please click on the link below:

https://www.securelist.com/en/blog/208193616/New_MacOS_X_backdoor_variant_used_in_APT_attacks

Advertisment