EasyDoc Malware Adds Tor Backdoor To Macs For Botnet Control

An anonymous reader writes: Security firm Bitdefender has issued an alert about a malicious app that hands over control of Macs to criminals via Tor. The software, called EasyDoc Converter.app, is supposed to be a file converter but doesn’t do its advertised functions. Instead it drops complex malware onto the system that subverts the security of the system, allowing it to be used as part of a botnet or to spy on the owner. “This type of malware is particularly dangerous as it’s hard to detect and offers the attacker full control of the compromised system,” said Tiberius Axinte, Technical Leader, Bitdefender Antimalware Lab. “For instance, someone can lock you out of your laptop, threaten to blackmail you to restore your private files or transform your laptop into a botnet to attack other devices. The possibilities are endless.” The malware, dubbed Backdoor.MAC.Eleanor, sets up a hidden Tor service and PHP-capable web server on the infected computer, generating a .onion domain that the attacker can use to connect to the Mac and control it. Once installed, the malware grants full access to the file system and can run scripts given to it by its masters.A report on AppleInsider says that malware can also control the FaceTime camera on a victim’s computer. But thankfully, Apple’s Gatekeeper security prevents the unsigned app from being installed.


Share on Google+

Read more of this story at Slashdot.

Clip to Evernote

Leave a Reply

Your email address will not be published. Required fields are marked *