New Mac OS X backdoor trojan "Tsunami" discovered, "sky not falling in"
The so-called “Tsunami” backdoor trojan, detected as OSX/Tsunami.A., is derived from an older Linux malware family that has been around since at least 2002, Robert Lipovsky, researcher at anti-virus company ESET, said in a blog post Wednesday. It enables infected machines to participate in distributed denial-of-service (DDoS) attacks intended to flood websites with traffic.
Once it has made its way onto a system, the malware attempts to connect to an IRC channel, where it can receive further commands. Besides enabling DDoS attacks, it can be used to download additional malware and take control of an affected machine.
Graham Cluley, senior technology consultant at security firm Sophos, said that none of his company's customers have reported their computer infected by Tsunami.
"The sky is not falling in," he said.
Even so, Mac malware is a problem, though much less prevalent than Windows threats, Cluley said in a blog post Tuesday. Last week, for example, researchers discovered a separate Mac trojan, which was crafted to disable the anti-malware protection Apple has built into its OS X platform.
At the recent McAfee Focus event in Las Vegas researchers demonstrated a live hack of an Apple iPad via SSH.