
Doctor Web discovered another Mac backdoor: BackDoor.Olyx



Back on June 1 of this year, an article appeared on Habr titled "The era of antiviruses on Mac OS X has officially arrived." And indeed, viruses and scareware for Mac OS X have started to appear; they are not especially dangerous, but they frighten Mac users, accustomed to the security of their OS, until their knees shake. The panic forced Apple to roll out Internet Security. Perhaps it will help Mac OS X users protect themselves from the next backdoor, discovered by experts from Doctor Web. As far as is known, this is the second backdoor for this operating system, and there will be more.

The company's specialists have discovered that this malware allows a cybercriminal to remotely control a computer running Mac OS X without the owner's knowledge. The attacker can, for example, create and delete folders and files, and can also issue other commands to the infected computer.
Currently, only two backdoors are known: BackDoor.DarkHole and BackDoor.Olyx. The first lets its creator control the infected machine, for example to restart the computer, create, delete and move files and folders, and open web pages in the browser.

Once on the user's computer, BackDoor.Olyx creates the directory /Library/Application Support/google/ on the hard disk and saves the file startp in it. After that, the file /Library/LaunchAgents/www.google.com.tstart.plist appears, and after the machine is rebooted this file starts the malware. After the reboot, the file google.tmp appears in the temporary folder; this is the backdoor itself, trying to disguise itself as a temporary file. After that, the malware is "ready for use".
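The artifacts listed above can be checked for on a live system or a mounted disk image. The following Python check is an added example, not code from Doctor Web or the original post; it goes beyond the text by also looking in per-user Library folders and by flagging any LaunchAgent whose launch target sits in the dropped directory, and it assumes the "temporary folder" is /private/tmp or /private/var/tmp.

```python
import plistlib
from pathlib import Path

# Artifact names taken from the description above.
DROP_DIR = "Library/Application Support/google"
DROP_FILE = "startp"
AGENT_NAME = "www.google.com.tstart.plist"
TMP_NAME = "google.tmp"
# Assumption: the page only says "temporary folder"; these are the usual macOS locations.
TMP_DIRS = ["private/tmp", "private/var/tmp"]


def launch_target(plist_path):
    """Return the command a LaunchAgent plist runs, or None if it cannot be parsed."""
    try:
        with open(plist_path, "rb") as fh:
            data = plistlib.load(fh)  # reads both XML and binary plists
    except Exception:
        return None
    if not isinstance(data, dict):
        return None
    args = data.get("ProgramArguments") or []
    return data.get("Program") or (args[0] if args else None)


def scan(root="/"):
    """Return sorted (kind, path) findings under root (live system or mounted image)."""
    root = Path(root)
    # Generalization beyond the page: check each user's ~/Library as well as /Library.
    bases = [root] + sorted(p for p in (root / "Users").glob("*") if p.is_dir())
    findings = set()
    for base in bases:
        dropped = base / DROP_DIR / DROP_FILE
        if dropped.exists():
            findings.add(("dropped-file", str(dropped)))
        for plist in sorted((base / "Library/LaunchAgents").glob("*.plist")):
            target = str(launch_target(plist) or "").lower()
            if plist.name == AGENT_NAME:
                findings.add(("launch-agent-name", str(plist)))
            elif (DROP_DIR + "/").lower() in target:
                findings.add(("launch-agent-target", str(plist)))
    for tmp in TMP_DIRS:
        candidate = root / tmp / TMP_NAME
        if candidate.exists():
            findings.add(("temp-file", str(candidate)))
    return sorted(findings)
```

A hit on the file names alone is only a lead: confirm it by inspecting the plist's launch target and the files it points to.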

Via Dr.Web

Source: https://habr.com/ru/post/122497/

