14 DAY TRIAL // We recently reported that researchers from F-Secure uncovered a piece of malware designed to impact Linux, Windows and Mac OS users. As it turns out, another version of the backdoor comes with an improvement when it comes to attacking systems running OS X.
The initial variant served Apple customers a malicious PowerPC binary that needed an application such as Rosetta to execute and cause damage on Intel-based platforms.
However, this newer sample contains an Intel x86 version of the file.
“Instead of connecting to the remote server to get additional shellcode to execute (which then opens a reverse shell), the OS X binary immediately opens a reverse shell,” F-Secure experts explained.
The shell allows the cybercriminals to completely take over the affected system.
This new binary has been identified as Backdoor:OSX/TESrel.A.