New Malware found for Mac OS X

Posted: 03/18/2012 in Info, Mac Hacking
Tags: , , , , , ,

The Imuler.C trojan has affected many Macs till now. It gets user data and Various screenshots and tries to upload them to a server.


This trojan tries to convince users them that the file they’ve downloaded is just an image. The trojan horse operates using .zip archives named “Pictures and the Ariticle of Renzin” and “FHM Feb Cover Girl Irina Shayk H-Res”.

At a Mac Security company’s blog, you may read how it works:

The malware installs a backdoor at /tmp/.mdworker, and a process called .mdworker then launches. A launchagent file is also installed at ~/library/LaunchAgents/checkvir.plist, along with an executable in the same folder, ensuring that the malware launches when the user logs into his or her Mac.

What can you do to prevent it?
Enable the “Show all Extensions” feature to see if what you downloaded is a real or fake file. Also, you can check if a suspicious file is a virus or not at VirusTotal.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s