A new piece of Mac malware, dubbed Komplex, has been discovered by Palo Alto Networks. This malware provides a backdoor into the system, like most other recent Mac malware. Where it gets most interesting, though, isn’t in its capabilities, but in the connections it allows us to make.
The implementation of Komplex is actually anything but complex. The end product of infection is nothing more than a launch agent masquerading as an Apple updater and a hidden executable that is kept running by that launch agent. Trivial in execution, trivial to detect, and trivial to remove.
Leave a reply