Skip to main content

Tsunami backdoor for Mac OS X discovered

posted onOctober 26, 2011
by l33tdawg

OSX/Tsunami-A, a new backdoor Trojan horse for Mac OS X, has been discovered.

What makes Tsunami particularly interesting is that it appears to be a port of Troj/Kaiten, a Linux backdoor Trojan horse that once it has embedded itself on a computer system listens to an IRC channel for further instructions.

Typically code like this is used to rally compromised computers into a DDoS (distributed denial-of-service) attack, flooding a website with traffic. If you were wondering where the name "Tsunami" comes from, that should probably help explain things. It's not just a DDoS tool though. As you can see by the portion of OSX/Tsunami's source code that I have reproduced below, the bash script can be given a variety of different instructions and can be used to remotely access an affected computer.

Source

Tags

OS X Viruses & Malware

Recent News

Tuesday, November 14th

Sunday, November 12th

Friday, November 10th

Wednesday, November 8th

Monday, November 6th