New Trojan for Mac OS X shows a PDF document
F-Secure Company announces a malicious program Trojan-Dropper: OSX / Revir.A , which behaves strangely. Once launched on a computer, the Trojan extracts the PDF file to the / tmp folder and displays the document in Chinese. At this time, the Backdoor: OSX / Imuler.A backdoor is being downloaded from the address tarmu.narod.ru [...].
Experts find it difficult to explain why the virus behaves in this way, because it does not have either a PDF document icon or a “double” extension .pdf.exe, like similar viruses under Windows. It is possible that the trojan got into the F-Secure virus lab without related components.
Apparently, this is just an experimental sample from novice authors.
Experts find it difficult to explain why the virus behaves in this way, because it does not have either a PDF document icon or a “double” extension .pdf.exe, like similar viruses under Windows. It is possible that the trojan got into the F-Secure virus lab without related components.
Apparently, this is just an experimental sample from novice authors.
')
Source: https://habr.com/ru/post/129127/
All Articles