A new variant of Mac malware — Imuler.B — has recently surfaced. It’s pretty much the same as Backdoor:OSX/Imuler.A, but with small changes and code optimizations. The current C&C server is ouchmen.com.
One interesting new function: Imuler.B exits if Wireshark is found.
Imuler is thought to be targeting Tibetan rights activists.
In other Mac related news: our Broderick Aquilino will be giving a presentation this Thursday at VB2012 on Flashback OS X malware.
Leave a reply