The Latest in IT Security

New Variant of Mac Revir Found

14
Nov
2012

There are reports of a new variant of Mac malware. We are aware of the attack and our customers are already protected. It’s a minor variant of Revir.C. For the payload, it’s basically still the same Imuler variant we wrote about back in September. Most probably it was rebuilt in an effort to avoid detection. As usual, the attack is targeted at Tibetan rights activists.

Hopefully we didn’t confuse you with our names. We detect the dropper component as Revir while the backdoor payload is called Imuler. This was because when we first discovered the family last year, we thought that the dropper might be customized to carry a different malware as payload. But so far, Revir and Imuler have always been used together.

We have updated our database since yesterday to detect the new variants.

Our descriptions are also now online. Please check them out for more details:

  •  Trojan-Dropper:OSX/Revir.D (MD5: 2d84bfbae1f1b7ab0fc1ca9dd372d35e)
  •  Backdoor:OSX/Imuler.B (MD5: 9ccc685f4d95403848ca24d9b8003b5b)

Leave a reply


Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments