New Mac Trojan uses the Russian space program as a front
Security researchers have found a new Mac OS X malware that appears to be targeting the aerospace industry.
The Trojan, called Komplex, can download, execute, and delete files from an infected Mac, according to security firm Palo Alto Networks. Interestingly, the Trojan will also save a PDF document to the infected system concerning the Russian space program.
The PDF document details planned Russian space projects from 2016 to 2025, but it acts as a decoy, Palo Alto Networks said in Monday blog post. In reality, the Trojan is a package of tools that will attempt to secretly communicate with its creators' command-and-control servers. This includes sending back data on the version, username, and process list running on the infected system. The Trojan can also receive instructions, and it will forward the results to the control servers.