The Latest in IT Security

Backdoor:OSX/Tsunami.A

31 Oct 2011

Our description for Backdoor:OSX/Tsunami.A is now online. Tsunami is a Mac OS X backdoor with bot functionality.

The bot is capable of participating in DDoS attacks, and in fact, one variant attempts to connect to an IRC server with “anonops” in its name — as in (Internet collective) Anonymous Ops.

Because there is no obvious infection vector for Tsunami, some analysts have speculated that OSX/Tsunami is a work in progress. Others have noted that remote hacking of a server is one possible vector. Given that OSX/Tsunami is based on a Linux bot that has long used PHP vulnerabilities to install, this is a definite possibility.

We’ve even read some posts that have suggested that people may be installing this backdoor themselves in order to volunteer their computer to DDoS activities carried out by Anonymous.

Volunteering one’s own computer??? That sounds absurd to us.

Especially when we consider all of the other Macs that are potentially available to be “volunteered” by members of Anonymous.

[Image: site_edu_mac_lab]
